How to remove Wondershare NativePush.exe
- File Details
- Overview
- Analysis
Wondershare NativePush.exe
The module Wondershare NativePush.exe has been detected as Trojan.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
f468cb1dddf6392d32ad9e5acf6d667f |
| Size: |
3 MB |
| First Published: |
2022-12-08 23:17:53 (2 years ago) |
| Latest Published: |
2024-03-12 23:03:39 (2 years ago) |
| Status: |
Trojan.Downloader (on last analysis) |
|
| Analysis Date: |
2024-03-12 23:03:39 (2 years ago) |
Overview
| %localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
| %localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
| %sysdrive%\windows.old\users\cooperativa\appdata\local\wondershare\wondershare filmora (spanish es)(cpc) |
| %sysdrive%\windows.old\users\rodri\appdata\local\wondershare\wondershare filmora para windows (português) |
| %localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
| %localappdata%\wondershare\wondershare filmora (cpc) |
| %localappdata%\wondershare\wondershare filmora (cpc) |
| %localappdata%\wondershare\wondershare filmora (spanish es)(cpc) |
| %localappdata%\wondershare\wondershare filmora (cpc) |
|
22.2% |
|
|
22.2% |
|
|
11.1% |
|
|
11.1% |
|
|
11.1% |
|
|
11.1% |
|
|
11.1% |
|
| Windows 10 |
77.8% |
|
| Windows 7 |
22.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000a6ed0 |
| Name |
Size of data |
MD5 |
| .text |
673792 |
454ee6321a1fcaa0546a22fc5462f4e4 |
| .itext |
6144 |
527772d3c6a3f7573e3fccf58394dce1 |
| .data |
14336 |
0c2b0e8083d2ca3cca2dbe549a53e3f4 |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
4096 |
39e34066552cd253ea6ec8192cf02aef |
| .didata |
512 |
d0c7bef5217588db089445b43a213d23 |
| .edata |
512 |
7a5fa80dc3b4efd40e570da2a500b29e |
| .tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .rdata |
512 |
185642fa268bab79fb1c35168c4a8b2a |
| .rsrc |
237568 |
868185addc8f74d1ae4e8320a0c3fac8 |
