How to remove QhzPNdYWuI52_ewQXbSwDaX0.exe

» File
File Details
Overview
Analysis

QhzPNdYWuI52_ewQXbSwDaX0.exe

The module QhzPNdYWuI52_ewQXbSwDaX0.exe has been detected as Trojan.RedLine

QhzPNdYWuI52_ewQXbSwDaX0.exe

Remove QhzPNdYWuI52_ewQXbSw

File Details

Main Info:

Product Name:	XHP booster
MD5:	76a37712670cade239d9ecd8cf7daf8d
Size:	3 MB
First Published:	2024-03-23 23:01:01 (2 years ago)
Latest Published:	2024-03-23 23:01:02 (2 years ago)

Analysis:

Status:	Trojan.RedLine (on last analysis)
Analysis Date:	2024-03-23 23:01:02 (2 years ago)

Common Places:

%mydoc%

%mydoc%

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00600058

PE Sections:

Name	Size of data	MD5
	86783	d96220c77c3c5dbc542512d00ba402f9
	77582	c7414242b9f5aff9b35533e6c47462c6
	15	4835e77676ac3426ce5816a884ca1f45
.imports	1024	06da474d641d03bcedc221e6217783f1
.rsrc	461824	c95c4fc76c054c17e0702962e9bebf16
.themida	0	d41d8cd98f00b204e9800998ecf8427e
.boot	2826533	461e3d16663cc77c7cf159f348709989

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for QhzPNdYWuI52_ewQXbSwDaX0.exe

copyright for information about QhzPNdYWuI52_ewQXbSwDaX0.exe