How to remove hide.exe
hide.exe
The module hide.exe has been detected as Suspicious Object
File Details
| Product Name: | hstart |
| Company Name: | NTWind Software |
| MD5: | e3a8a2442bc441d5d732d42deeb3b75d |
| Size: | 16 KB |
| First Published: | 2017-06-07 15:10:24 (8 years ago) |
| Latest Published: | 2021-01-03 14:00:40 (4 years ago) |
| Status: | Suspicious Object (on last analysis) | |
| Analysis Date: | 2021-01-03 14:00:40 (4 years ago) |
Overview
| Signed By: | Alexander Avdonin |
| Status: | Valid |
Common Places:
| %sysdrive%\wgho\grub |
| %sysdrive%\ggho\grub |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
File Names:
| hstart.exe |
| hide.exe |
Geography:
| 35.7% | ||
| 35.7% | ||
| 7.1% | ||
| 7.1% | ||
| 7.1% | ||
| 7.1% |
OS Version:
| Windows 7 | 78.6% | |
| Windows Server 2008 R2 | 14.3% | |
| Windows 10 | 7.1% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00001810 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 5632 | 1b009e5aa94f5691f76caae94ce33bac |
| .rdata | 4096 | 5932847b9c9a0088fb797cde6bb94508 |
| .data | 512 | 1f2f38a035dbdb9b9a9abf35b21acd90 |
| .rsrc | 2048 | 6b65ed00bbc75785bdcef7f7d3297d82 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for hide.exe
