How to remove hqyvotkwgtvccuremthwiwkqsxkyenaw.back
- File Details
- Overview
- Analysis
hqyvotkwgtvccuremthwiwkqsxkyenaw.back
The module hqyvotkwgtvccuremthwiwkqsxkyenaw.back has been detected as Adware.Agent
File Details
MD5: |
8b15e2061ee2142cc2536d8799cd478f |
Size: |
1 MB |
First Published: |
2017-05-21 06:07:05 (7 years ago) |
Latest Published: |
2018-10-04 05:10:19 (6 years ago) |
Status: |
Adware.Agent (on last analysis) |
|
Analysis Date: |
2018-10-04 05:10:19 (6 years ago) |
%sysdrive%\programdata |
%temp%\00005297 |
%temp%\00015257 |
%temp%\00031941 |
%temp%\31198 |
%temp%\00010229 |
%temp%\00008539 |
%temp%\00011646 |
%temp%\00029361 |
%temp%\00025617 |
service.exe |
hqyvotkwgtvccuremthwiwkqsxkyenaw.back |
wpwlywvllkwkoesofjvvwuppsbnzrhdz.back |
oelmlnrisnmwegqhwvjsmbdqfedsvxgz.back |
SERVICE.EXE |
inczsxztupihvgjkqyffwcwgspqewydn.back |
|
36.8% |
|
|
15.5% |
|
|
7.3% |
|
|
6.9% |
|
|
5.7% |
|
|
5.1% |
|
|
4.0% |
|
|
3.1% |
|
|
1.6% |
|
|
1.5% |
|
|
1.3% |
|
|
0.8% |
|
|
0.8% |
|
|
0.7% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
Windows 7 |
71.1% |
|
Windows 10 |
19.7% |
|
Windows 8.1 |
6.9% |
|
Windows 8 |
1.6% |
|
Windows Vista |
0.6% |
|
Windows XP |
0.1% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x000b8e77 |
Name |
Size of data |
MD5 |
.text |
1247744 |
254037b20ea0822d0ebe3b2b6367dc47 |
.rdata |
272896 |
bd46dbc88e61f9760a1042ebccc91150 |
.data |
33792 |
0887e1658b333a4dcc4ed4f2054ba954 |
.rsrc |
1536 |
d5a58f603e3da553f9f42d9b725d7b10 |
.reloc |
66560 |
804e033b60100b69badfc22aa8dc9c8e |