How to remove SYS.exe
SYS.exe
The module SYS.exe has been detected as Trojan.Koobface
File Details
| Product Name: | ivmsservice |
| MD5: | e32bc0b8c2acaf899bb14d8bfc8945b3 |
| Size: | 17 KB |
| First Published: | 2023-10-06 23:22:50 (a year ago) |
| Latest Published: | 2023-10-06 23:22:50 (a year ago) |
| Status: | Trojan.Koobface (on last analysis) | |
| Analysis Date: | 2023-10-06 23:22:50 (a year ago) |
Overview
| Signed By: | HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. |
| Status: | Valid |
Common Places:
| %programfiles%\hikcentral focsign\vsm servers |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00001320 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 2560 | ecaec8033f125226825e5cd3c100c60a |
| .rdata | 2048 | 993e55326caff9cab506fd707e59651a |
| .data | 512 | ba5e9ac632de125965c5dfac3d6de948 |
| .pdata | 512 | c2b7c2aa0c8608087a7f253d2aaacb06 |
| .rsrc | 2048 | 68d48bbbf938714a72f2985a7b6a417b |
| .reloc | 512 | 6804311fb2020a3b7adb6e98948ac9ed |
More information:
Download GridinSoft
Anti-Malware - Removal tool for SYS.exe
