How to remove doumai.exe
doumai.exe
The module doumai.exe has been detected as Hijack.Explorer
File Details
| Product Name: | 豆麦笔记 |
| Company Name: | 杭州九天网络信息技术有限公司 |
| MD5: | 5b8b1c55aa604ccf871594141dd99b54 |
| Size: | 6 MB |
| First Published: | 2018-08-12 03:07:05 (5 years ago) |
| Latest Published: | 2018-08-28 11:07:05 (5 years ago) |
| Status: | Hijack.Explorer (on last analysis) | |
| Analysis Date: | 2018-08-28 11:07:05 (5 years ago) |
Overview
| Signed By: | 杭州九天网络信息技术有限公司 |
| Status: | Valid |
Common Places:
| %appdata% |
File Names:
| DouMai.exe |
| doumai.exe |
Geography:
| 84.6% | ||
| 15.4% |
OS Version:
| Windows 10 | 53.8% | |
| Windows 8.1 | 38.5% | |
| Windows 7 | 7.7% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00214dd3 |
PE Sections:
| Name | Size of data | MD5 |
| .textbss | 0 | 00000000000000000000000000000000 |
| .text | 4516352 | 239d13faac3a0f6ec3286249f1ce3a08 |
| .rdata | 762880 | f4d860484ce6dc0cb15ef7cc8a54d0b0 |
| .data | 206336 | 5561a8ba4c44bb9ad282f582dab2d4e8 |
| .idata | 25600 | 9a8e082a99028fa0d4352298801251d3 |
| .tls | 1024 | c573bd7cea296a9c5d230ca6b5aee1a6 |
| .gfids | 3584 | 2fb09dcde4c7746ba3fe6cd48f0e3faa |
| .00cfg | 512 | 04fb212566e2a2ea24a0b693d774c3b3 |
| .rsrc | 1100288 | ab0860b3271e52b9bceba120add7e9b0 |
| .reloc | 152064 | d2bdd125196903dbe93b4d764c89f2f2 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for doumai.exe
