How to remove RDPConf.exe

» File
File Details
Overview
Analysis

RDPConf.exe

The module RDPConf.exe has been detected as Risk.RemoteAdmin

RDPConf.exe

Remove RDPConf.exe

File Details

Main Info:

Product Name:	RDP Host Support
Company Name:	Stas'M Corp.
MD5:	1e4537b75cad6288f68d595d9c9b13c1
Size:	1 MB
First Published:	2017-05-24 18:09:10 (8 years ago)
Latest Published:	2024-06-14 23:01:38 (a year ago)

Analysis:

Status:	Risk.RemoteAdmin (on last analysis)
Analysis Date:	2024-06-14 23:01:38 (a year ago)

Common Places:

%programfiles%\rdpwrap

%profile%\downloads\software\rdpwrap-v1.6

%sysdrive%\mes documents

%sysdrive%\internet\terminalserver\превращаем windows 10 в сервер терминалов

%sysdrive%\0

%commonappdata%\chocolatey\lib\rdpwrapper

%system%\sevpn\rdp

%desktop%

%sysdrive%\suf\suf10\wpi\install\other

%sysdrive%\$recycle.bin\s-1-5-21-1016013388-1286387663-908628676-1003

Geography:

Venezuela	76.9%
Brazil	3.5%
Russia	2.8%
Croatia	2.8%
Taiwan	2.1%
Argentina	2.1%
India	2.1%
Seychelles	2.1%
Indonesia	0.7%
Mexico	0.7%
France	0.7%
Pakistan	0.7%
Thailand	0.7%
China	0.7%
United States	0.7%
Serbia	0.7%

OS Version:

Windows 10	95.2%
Windows 8.1	2.8%
Windows 7	2.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000bbc78

PE Sections:

Name	Size of data	MD5
.text	758272	6edd62669a0d14e881693fe91e6ea7fa
.itext	3584	37ebcf3580a8dda2f5fb71bb4ef90f4c
.data	9728	c0dbf7b91a24888630dc5bd4e350fdb0
.bss	0	00000000000000000000000000000000
.idata	12800	dc07bd3052bbc0a802dcf7af0bfd4f3d
.didata	1024	f0e42002630e07dab413d85d699eea57
.tls	0	00000000000000000000000000000000
.rdata	512	dc1b7e655b1f90a291d2062b840f6f13
.reloc	69632	d6c070cd76bd2831806b90825f9446a4
.rsrc	193536	2b84830aaf3b4668cd973355ad7255e9

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for RDPConf.exe

copyright for information about RDPConf.exe