How to remove dptf_cpu.sys
- File Details
- Overview
- Analysis
dptf_cpu.sys
The module dptf_cpu.sys has been detected as Virtool.ShadowBrokers
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
e3ff0c39090cef3c46dbef72f70adce7 |
| Size: |
65 KB |
| First Published: |
2017-09-17 18:21:01 (7 years ago) |
| Latest Published: |
2019-11-12 17:24:25 (5 years ago) |
| Status: |
Virtool.ShadowBrokers (on last analysis) |
|
| Analysis Date: |
2019-11-12 17:24:25 (5 years ago) |
Overview
| %commonappdata%\reviversoft\pc reviver\s-1-5-21-672605517-2711297756-987049387-1001\driver updater\downloads\231\59001c07-0021-4fa9-bb3d-25daf93899fd |
| %commonappdata%\reviversoft\driver reviver\downloads\118 |
| %commonappdata%\reviversoft\driver reviver\downloads\89 |
| %commonappdata%\winzip\winzip driver updater\downloads\52 |
| %commonappdata%\winzip\winzip driver updater\downloads\f4bc19b4-79a3-4f4a-a113-1bad11b03a1e |
| %commonappdata%\winzip\winzip driver updater\downloads\83 |
| %commonappdata%\reviversoft\driver reviver\downloads\193 |
| %commonappdata%\reviversoft\driver reviver\downloads\6c8f8ae3-6484-4a21-a2e9-7f7084d95fdd |
| %system% |
|
20.0% |
|
|
20.0% |
|
|
20.0% |
|
|
20.0% |
|
|
10.0% |
|
|
10.0% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00005c10 |
| Name |
Size of data |
MD5 |
| .text |
26624 |
0f04389fb75859c35a8a51d858bec947 |
| .rdata |
3072 |
37e9be0ea77802ebe6bb4f7731d0d8ba |
| .data |
2048 |
3a93ae6a540e74e773df25118b6bdf55 |
| .pdata |
1024 |
f5c3eb5691dd4eaa79feec0085bba8a2 |
| .gfids |
512 |
844088389eb8bb381e1e67cf91a2462b |
| PAGE |
6656 |
2e717f5a20886f37a34af30d3a16ea38 |
| INIT |
2048 |
03437cfd51b6259ab4cb902be27c65ab |
| .rsrc |
5632 |
40a192dae16671bcb431d656c2b58e4b |
| .reloc |
512 |
85a6a3495818fd835dfab272de3a6055 |
