How to remove Wondershare NativePush.exe
- File Details
- Overview
- Analysis
Wondershare NativePush.exe
The module Wondershare NativePush.exe has been detected as Trojan.Downloader
File Details
Product Name: |
|
Company Name: |
|
MD5: |
f468cb1dddf6392d32ad9e5acf6d667f |
Size: |
3 MB |
First Published: |
2022-12-08 23:17:53 (a year ago) |
Latest Published: |
2024-03-12 23:03:39 (2 months ago) |
Status: |
Trojan.Downloader (on last analysis) |
|
Analysis Date: |
2024-03-12 23:03:39 (2 months ago) |
Overview
%localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
%localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
%sysdrive%\windows.old\users\cooperativa\appdata\local\wondershare\wondershare filmora (spanish es)(cpc) |
%sysdrive%\windows.old\users\rodri\appdata\local\wondershare\wondershare filmora para windows (português) |
%localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
%localappdata%\wondershare\wondershare filmora (cpc) |
%localappdata%\wondershare\wondershare filmora (cpc) |
%localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
%localappdata%\wondershare\wondershare filmora (cpc) |
|
22.2% |
|
|
22.2% |
|
|
11.1% |
|
|
11.1% |
|
|
11.1% |
|
|
11.1% |
|
|
11.1% |
|
Windows 10 |
77.8% |
|
Windows 7 |
22.2% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x000a6ed0 |
Name |
Size of data |
MD5 |
.text |
673792 |
454ee6321a1fcaa0546a22fc5462f4e4 |
.itext |
6144 |
527772d3c6a3f7573e3fccf58394dce1 |
.data |
14336 |
0c2b0e8083d2ca3cca2dbe549a53e3f4 |
.bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
.idata |
4096 |
39e34066552cd253ea6ec8192cf02aef |
.didata |
512 |
d0c7bef5217588db089445b43a213d23 |
.edata |
512 |
7a5fa80dc3b4efd40e570da2a500b29e |
.tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
.rdata |
512 |
185642fa268bab79fb1c35168c4a8b2a |
.rsrc |
237568 |
868185addc8f74d1ae4e8320a0c3fac8 |