How to remove krnl.exe
krnl.exe
The module krnl.exe has been detected as Trojan.Downloader
File Details
| Product Name: | krnlss |
| MD5: | 5a36973a236bd6266f849014ebac7260 |
| Size: | 2 MB |
| First Published: | 2021-03-07 04:39:40 (4 years ago) |
| Latest Published: | 2023-04-04 23:04:12 (2 years ago) |
| Status: | Trojan.Downloader (on last analysis) | |
| Analysis Date: | 2023-04-04 23:04:12 (2 years ago) |
Common Places:
| %profile%\downloads\krnlwrd.rar |
| %profile%\downloads\krnlwrd (1).rar |
| %profile%\downloads\krnlwrd.rar |
| %profile%\onedrive\pulpit |
| %desktop%\roblox hacks\krnlwrd |
| %desktop%\roblox hacks\krnlwrd |
| %sysdrive%\$recycle.bin\s-1-5-21-3384613649-1700100445-2467639420-1001\$rll83uy.rar |
| %sysdrive%\$recycle.bin\s-1-5-21-3384613649-1700100445-2467639420-1001\$rll83uy.rar |
| %profile%\onedrive\documents\desktop |
| %sysdrive%\$recycle.bin\s-1-5-21-1922734689-3663266902-741593213-1002 |
Geography:
| 38.5% | ||
| 30.8% | ||
| 15.4% | ||
| 7.7% | ||
| 7.7% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0021066e |
.NET Info:
| MVID: | 96cb57cf-e89f-430f-83e1-8037b11bb76a |
| Typelib ID: | 13104ded-97af-473e-b829-b7b0bac3a261 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 2156544 | f8739c3f94f5ec555e14ad6452d6c93a |
| .rsrc | 189952 | c23afadcfa7d68fa07b44fc95279f437 |
| .reloc | 512 | c7693623cdb4c576440c0b65e2d5998d |
More information:
Download GridinSoft
Anti-Malware - Removal tool for krnl.exe
