How to remove RDPWInst.exe
- File Details
- Overview
- Analysis
RDPWInst.exe
The module RDPWInst.exe has been detected as General Threat
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
ce6a1d8fe9d16f4c4e2f41ef6cd3ad9b |
| Size: |
1 MB |
| First Published: |
2018-02-08 16:09:41 (7 years ago) |
| Latest Published: |
2025-07-26 23:00:28 (3 months ago) |
| Status: |
General Threat (on last analysis) |
|
| Analysis Date: |
2025-07-26 23:00:28 (3 months ago) |
| %sysdrive%\mes documents |
| %sysdrive%\internet\terminalserver\превращаем windows 10 в сервер терминалов |
| %sysdrive%\0 |
| %commonappdata%\chocolatey\lib\rdpwrapper |
| %desktop% |
| %sysdrive%\suf\suf10\wpi\install\other |
| %programfiles% |
| %sysdrive%\$recycle.bin\s-1-5-21-1016013388-1286387663-908628676-1003 |
| %profile% |
| %profile%\downloads |
|
77.4% |
|
|
3.8% |
|
|
3.0% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
| Windows 10 |
95.6% |
|
| Windows 7 |
3.0% |
|
| Windows 8.1 |
1.5% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0004273c |
| Name |
Size of data |
MD5 |
| .text |
265728 |
3699eb65c0c836d9bff509c8b0a61007 |
| .itext |
7168 |
aed5ae58ad7ebc05e6cc1106752f4976 |
| .data |
5120 |
9c262a2fd63315162162df4741473c31 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
5120 |
8ca55385955e560381c92fb7654ba663 |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
512 |
b1ac0acde2a08ab89924d9ae009f73e2 |
| .reloc |
24576 |
be981f4f4d7f56912621fdb027f00b5b |
| .rsrc |
980480 |
2a5cab2b90a29fd275dbe35c8e610c5c |
