How to remove bookingDesktopAppUpdate.exe
- File Details
- Overview
- Analysis
bookingDesktopAppUpdate.exe
The module bookingDesktopAppUpdate.exe has been detected as Worm.Ramnit
File Details
Product Name: |
|
Company Name: |
|
MD5: |
490e784bd8982dba6c0784a19ce39e23 |
Size: |
545 KB |
First Published: |
2020-07-04 15:40:34 (4 years ago) |
Latest Published: |
2020-07-04 15:41:38 (4 years ago) |
Status: |
Worm.Ramnit (on last analysis) |
|
Analysis Date: |
2020-07-04 15:41:38 (4 years ago) |
%programfiles%\bookingdesktopapp |
%programfiles%\bookingdesktopapp |
%programfiles%\bookingdesktopapp |
%programfiles%\bookingdesktopapp |
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x00055000 |
Name |
Size of data |
MD5 |
.text |
75776 |
4e5b74e48529ab3f4ed4befb0f2daea4 |
.data |
2560 |
bc5b4d7716f6b6518b9f48b233033953 |
.idata |
2560 |
ce5001316fae5ec03602c335265a8049 |
.gfids |
512 |
c0e7ad70e7695052a4c9b9a23795cecb |
.rsrc |
15872 |
44be33ded1d5de4c7a8cded0f1788b50 |
.reloc |
4096 |
8197a88629337cd8f4ad320eb993952e |
.text |
227840 |
d8f9302c12ba91e437451f7796daa40d |
.text |
227840 |
d8f9302c12ba91e437451f7796daa40d |