How to remove mimidrv.sys
- File Details
- Overview
- Analysis
mimidrv.sys
The module mimidrv.sys has been detected as Trojan.Gen
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
68caf620ef8deaf06819cf8c80d3367b |
| Size: |
33 KB |
| First Published: |
2019-10-08 03:08:41 (5 years ago) |
| Latest Published: |
2020-05-29 12:20:56 (4 years ago) |
| Status: |
Trojan.Gen (on last analysis) |
|
| Analysis Date: |
2020-05-29 12:20:56 (4 years ago) |
Overview
| %profile%\dministrator\my documents\downloads\wor\mimikatz\mimikatz |
| %sysdrive%\wmpub\1\mimikatz\mimikatz |
| %desktop%\mimik\mimikatz |
| %desktop%\tools\extract\mimikatz |
| Windows Server 2003 |
50.0% |
|
| Windows Server 2012 R2 |
25.0% |
|
| Windows 7 |
25.0% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000000010000 |
| Entry Address: |
0x0000b064 |
| Name |
Size of data |
MD5 |
| .text |
12800 |
b0ff3faa16c74306f92153b1c48cb7f5 |
| .rdata |
5120 |
5014d424e3197581fb10f84f17915001 |
| .data |
5632 |
2db401347bf58464e7d5b4b4559f7649 |
| .pdata |
512 |
b04990936e5aa0b5e6449b3450beddc2 |
| PAGE |
1024 |
8b0684505ef2968c82786401708e2579 |
| INIT |
1536 |
6ba44e961efadd26bd07cdf50e02f977 |
| .rsrc |
1536 |
d30a5ae8c6b8615ded3d921feda2bbbf |
| .reloc |
1024 |
d1acd4353a27bfa9c1fbfd6852a1f1ed |
