How to remove iRoot_1.8.8.20465_cid1005_7337ba1e.exe
- File Details
- Overview
- Analysis
iRoot_1.8.8.20465_cid1005_7337ba1e.exe
The module iRoot_1.8.8.20465_cid1005_7337ba1e.exe has been detected as Spy.Keylogger
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
89e0aad680a19e134e93f0faef2135a4 |
| Size: |
31 MB |
| First Published: |
2020-03-29 07:59:02 (5 years ago) |
| Latest Published: |
2024-04-02 23:06:40 (2 years ago) |
| Status: |
Spy.Keylogger (on last analysis) |
|
| Analysis Date: |
2024-04-02 23:06:40 (2 years ago) |
Overview
| Signed By: |
?????????? |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %profile%\downloads |
| %profile%\downloads |
| %desktop%\varios |
| %sysdrive%\downloads |
| %sysdrive%\downloads |
| %sysdrive% |
| %sysdrive%\filehistory\eddie\desktop-h0l502h\data\c\users\eddie\desktop\backup manuale disco samsung ultrabook\users\eddie\downloads |
| %sysdrive%\filehistory\eddie\desktop-h0l502h\data\c\users\eddie\desktop\backup manuale samsung ultrabook 200820\users\eddie\downloads |
| %profile%\downloads |
| %sysdrive%\filehistory\eddie\desktop-h0l502h\data\c\users\eddie\desktop\backup manuale disco samsung ultrabook\users - copy\eddie\downloads |
|
44.4% |
|
|
11.1% |
|
|
11.1% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
| Windows 10 |
94.4% |
|
| Windows 8.1 |
5.6% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000117dc |
| Name |
Size of data |
MD5 |
| .text |
62464 |
a33e9ff7181115027d121cd377c28c8f |
| .itext |
4096 |
caec456c18277b579a94c9508daf36ec |
| .data |
3584 |
746954890499546d73dce0e994642192 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
4096 |
e9b9c0328fd9628ad4d6ab8283dcb20e |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
512 |
3dffc444ccc131c9dcee18db49ee6403 |
| .rsrc |
235008 |
9b5cee90a09175c966f4fece54931c1a |
