How to remove jrnstvyyho.exe
- File Details
- Overview
- Analysis
jrnstvyyho.exe
The module jrnstvyyho.exe has been detected as Ransom.Injector
File Details
| MD5: |
3a93542ef653c9211885999f6be603df |
| Size: |
195 KB |
| First Published: |
2017-05-26 14:11:19 (7 years ago) |
| Latest Published: |
2017-05-26 14:11:22 (7 years ago) |
| Status: |
Ransom.Injector (on last analysis) |
|
| Analysis Date: |
2017-05-26 14:11:22 (7 years ago) |
| %localappdata%\temp |
| %temp%\temporary internet files\content.ie5\z0nj3k5w |
| %temp%\temporary internet files\content.ie5\0a5jn62w |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\yvlv21p1 |
| wecwuzwraa.exe |
| jrnstvyyho.exe |
| bwretyorch.exe |
| prpezhgnvh.exe |
| p[1].exe |
| rmpdmbvjux.exe |
| pgzbucqwhp.exe |
| hxxtmsmjsc.exe |
| axqhsdodie.exe |
| bpuenqjudh.exe |
| rzwaawhffu.exe |
| tmtrwxykzm.exe |
| kooykbkqlq.exe |
| ovyynsxcui.exe |
| uznfygfmxi.exe |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000032a0 |
| Name |
Size of data |
MD5 |
| .text |
25600 |
4219bc0ba21196c40804cc23644c3170 |
| .rdata |
5632 |
d6b0bc2db2de2a3dd996fda6539cef0e |
| .data |
1536 |
2aa587c909999ca52be17d0f1ffbd186 |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
30720 |
1c2d7e1a3bda40417faf3b3c9c2cf784 |
