How to remove _pytrch.pyd
- File Details
- Overview
- Analysis
_pytrch.pyd
The module _pytrch.pyd has been detected as Trojan.Agent
File Details
MD5: |
2c2ef3b01ffa0ab28b3bd7c88f2ac22f |
Size: |
150 KB |
First Published: |
2018-01-04 05:10:11 (6 years ago) |
Latest Published: |
2021-09-30 20:22:28 (2 years ago) |
Status: |
Trojan.Agent (on last analysis) |
|
Analysis Date: |
2021-09-30 20:22:28 (2 years ago) |
%commonappdata% |
%windir%\sysprepthemes |
%windir%\securebootthemes |
%windir%\ime |
%temp%\csrss\smb |
%windir%\speechstracing |
%sysdrive%\$recycle.bin\s-1-5-21-3588474478-3832022100-683633981-1001\$r7ac8tm\smb |
%sysdrive%\$recycle.bin\s-1-5-21-2651333685-2366155573-1070979430-1000\$rc21fb6\smb |
%sysdrive%\$recycle.bin\s-1-5-21-3325175830-2879278729-2047893935-1001 |
%profile%\downloads\eternalblue-doublepulsar-metasploit-master.zip\eternalblue-doublepulsar-metasploit-master |
|
43.5% |
|
|
12.2% |
|
|
10.8% |
|
|
5.0% |
|
|
4.2% |
|
|
2.9% |
|
|
2.4% |
|
|
1.9% |
|
|
1.5% |
|
|
1.4% |
|
|
1.3% |
|
|
1.2% |
|
|
1.0% |
|
|
1.0% |
|
|
0.9% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
Windows 7 |
88.8% |
|
Windows 10 |
7.5% |
|
Windows XP |
1.4% |
|
Windows Server 2008 R2 |
1.3% |
|
Windows 8.1 |
0.6% |
|
Windows Vista |
0.3% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x10000000 |
Entry Address: |
0x00012753 |
Name |
Size of data |
MD5 |
.text |
73216 |
904acdad273df768ce822adae51bb787 |
.rdata |
63488 |
06577e63a6ecbedbf2d438a05278820f |
.data |
7680 |
31571831ba1810fd306b21f07f17505c |
.reloc |
8192 |
b08eaf519bf27b47a37ec1f2ba1b8de9 |