How to remove ffadyaog.sys
- File Details
- Overview
- Analysis
ffadyaog.sys
The module ffadyaog.sys has been detected as Suspicious Object
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
713fe6170460a0b38536020b515b7761 |
| Size: |
102 KB |
| First Published: |
2017-07-20 21:11:46 (7 years ago) |
| Latest Published: |
2020-02-12 11:12:26 (4 years ago) |
| Status: |
Suspicious Object (on last analysis) |
|
| Analysis Date: |
2020-02-12 11:12:26 (4 years ago) |
| %localappdata%\temp |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %profile% |
| %temp% |
| %temp% |
| axldrpow.sys |
| ffadyaog.sys |
| aftcaaob.sys |
| pxdirpog.sys |
| pxdiqpow.sys |
| uwrdqpow.sys |
| kglorpod.sys |
| kxldqpow.sys |
| pwldqpow.sys |
| afxoqpob.sys |
| awpdipob.sys |
|
25.9% |
|
|
18.5% |
|
|
14.8% |
|
|
11.1% |
|
|
7.4% |
|
|
3.7% |
|
|
3.7% |
|
|
3.7% |
|
|
3.7% |
|
|
3.7% |
|
|
3.7% |
|
| Windows 7 |
48.1% |
|
| Windows 10 |
40.7% |
|
| Windows Vista |
7.4% |
|
| Windows XP |
3.7% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00010000 |
| Entry Address: |
0x00016e85 |
| Name |
Size of data |
MD5 |
| .text |
63360 |
901660e1c27a8382ca68f50092423926 |
| .rwtext |
128 |
1dfdb30573d861fe6c6339b5d4948a46 |
| .rdata |
12416 |
8b09bc8023596d9d46db2df1df7dae6a |
| .data |
16768 |
264054b12405cb5cb55276824e39ffa7 |
| INIT |
2944 |
6b23be72f39a237a2685dde69bbcc9a5 |
| .rsrc |
896 |
4467c9e0d9b5714b8b84b1d545b7980e |
| .reloc |
7296 |
2b1665c55d37963066e25e7ff1bb5aa4 |
