How to remove curl_7_54.exe-0~deleted
- File Details
- Overview
- Analysis
curl_7_54.exe-0~deleted
The module curl_7_54.exe-0~deleted has been detected as Trojan.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
cf464d1f8ff321a74fddb4e00c20876a |
| Size: |
2 MB |
| First Published: |
2017-08-12 21:04:14 (6 years ago) |
| Latest Published: |
2024-03-23 23:01:01 (2 months ago) |
| Status: |
Trojan.Downloader (on last analysis) |
|
| Analysis Date: |
2024-03-23 23:01:01 (2 months ago) |
| %appdata%\curl |
| %profile%\kamylove\application data\curl |
| %profile%\дминистратор\application data\curl |
| %profile%\22\application data\curl |
| %profile%\01\application data\curl |
| %profile%\suario\datos de programa\curl |
| %profile%\dministrator\application data\curl |
| %profile%\dmin\application data\curl |
| %profile%\kodadi\application data\curl |
| %profile%\skh\application data\curl |
| curl_7_54.exe |
| curl_7_54.exe-0~deleted |
|
24.1% |
|
|
20.0% |
|
|
11.5% |
|
|
4.3% |
|
|
4.3% |
|
|
3.0% |
|
|
2.7% |
|
|
2.0% |
|
|
1.9% |
|
|
1.7% |
|
|
1.7% |
|
|
1.4% |
|
|
1.1% |
|
|
1.1% |
|
|
0.9% |
|
|
0.9% |
|
|
0.8% |
|
|
0.8% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 10 |
53.9% |
|
| Windows 7 |
34.4% |
|
| Windows 8.1 |
7.8% |
|
| Windows XP |
2.2% |
|
| Windows 8 |
1.5% |
|
| Windows Embedded 8.1 |
0.2% |
|
| Windows Vista |
0.1% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000014e0 |
| Name |
Size of data |
MD5 |
| .text |
2064384 |
ed0eab7b39e6970fae28fe63628e48bc |
| .data |
44032 |
ba34e532cb151b4ec9848af62c39b541 |
| .rdata |
440832 |
cc81be3f64f58c34f035c97e596b8eb5 |
| .bss |
0 |
00000000000000000000000000000000 |
| .edata |
2048 |
64403f37962c1571c47809599551c61d |
| .idata |
7168 |
6d58f63926ffe7330e3fd8666fe3f1af |
| .CRT |
512 |
12a41142024754a89159c1c4046dfa20 |
| .tls |
512 |
0dbef6eab52f8a271916e7f8c1bda791 |
| .rsrc |
1024 |
c1289901630c130cb77e05f40951c516 |
| .reloc |
72192 |
3e7c58ed08e5a06bde6fbc3ee5e13c4d |
