How to remove WindowsKernelExplorer.sys
- File Details
- Overview
- Analysis
WindowsKernelExplorer.sys
The module WindowsKernelExplorer.sys has been detected as Worm.Boychi
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
3f3357b3f6e3858216c4d4e56128dd67 |
| Size: |
3 MB |
| First Published: |
2020-10-12 03:05:03 (4 years ago) |
| Latest Published: |
2020-10-12 03:05:03 (4 years ago) |
| Status: |
Worm.Boychi (on last analysis) |
|
| Analysis Date: |
2020-10-12 03:05:03 (4 years ago) |
Overview
| Signed By: |
HT Srl |
| Status: |
Valid |
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000000010000 |
| Entry Address: |
0x001f23ae |
| Name |
Size of data |
MD5 |
| .text |
360448 |
9b36dc8701030f0fef9e8a5246b7c2ff |
| .rdata |
11264 |
03342d9523a5b9d8e02fcf0c3e8c4b26 |
| .data |
14336 |
32d54af683831be67a9bd3cdb0f86b92 |
| .pdata |
11264 |
c7319bccde970d8ecb6fe14cee7bcfe1 |
| INIT |
6144 |
540eb3b30b54700490ef653df700ef86 |
| .vmp0 |
1345024 |
87b98fbffa573e58b507db314a44fd1b |
| .vmp1 |
1769472 |
d4fc84c3bf4446a4840d69c23a786bb9 |
| .reloc |
3072 |
df62af39d658cb1f6821f3b48da369e3 |
| .rsrc |
1024 |
0913a0cd34ceef667f58256b536f1682 |
