How to remove cmdrv64.sys
cmdrv64.sys
The module cmdrv64.sys has been detected as Worm.Boychi
File Details
| MD5: | ab574e37df0da38d782edf7f12ad572a |
| Size: | 362 KB |
| First Published: | 2019-07-01 08:35:40 (6 years ago) |
| Latest Published: | 2021-01-10 19:06:32 (4 years ago) |
| Status: | Worm.Boychi (on last analysis) |
| Analysis Date: | 2021-01-10 19:06:32 (4 years ago) |
Overview
| Signed By: | HT Srl |
| Status: | Valid |
| %system% |
| Windows 10 | 90.5% |
| Windows 8.1 | 4.8% |
| Windows 7 | 4.8% |
Analysis
| Subsystem: | Native |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x0005d000 |
| Name | Size of data | MD5 |
|---|---|---|
| .text | 358400 | d7724fbb5f2b51201fdb655a52b89583 |
| .rdata | 5632 | e543832a30844f7a4346f546be6c46ef |
| .data | 512 | ee8e428290ec42160c5e2a30f80215a5 |
| .pdata | 512 | 9a0ea9245e5ba0b5b9e3e344812f767f |
| INIT | 512 | b668a11d49a9f62a956dd58c3bc1109d |
| .reloc | 512 | 2f8fd00d8180a40d13997a05609c345e |