How to remove mimidrv.sys
- File Details
- Overview
- Analysis
mimidrv.sys
The module mimidrv.sys has been detected as Trojan.Gen
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
bdb305aa0806f8b38b7ce43c927fe919 |
| Size: |
27 KB |
| First Published: |
2019-10-08 03:10:09 (4 years ago) |
| Latest Published: |
2020-07-15 15:35:19 (3 years ago) |
| Status: |
Trojan.Gen (on last analysis) |
|
| Analysis Date: |
2020-07-15 15:35:19 (3 years ago) |
Overview
| %profile%\dministrator\my documents\downloads\wor\mimikatz\mimikatz |
| %sysdrive%\wmpub\1\mimikatz\mimikatz |
| %desktop%\mimik\mimikatz |
| %desktop%\tools\extract\mimikatz |
| %desktop%\automim.zip\automim\automim\mimikatz |
| %desktop%\automim\automim\automim\mimikatz |
|
33.3% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
| Windows Server 2003 |
33.3% |
|
| Windows Server 2008 R2 |
33.3% |
|
| Windows Server 2012 R2 |
16.7% |
|
| Windows 7 |
16.7% |
|
Analysis
| Subsystem: |
Native |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00010000 |
| Entry Address: |
0x0000703e |
| Name |
Size of data |
MD5 |
| .text |
9216 |
b5c345b3591f498b437dd5cc95f2a195 |
| .rdata |
4096 |
eca9deccd9fcd3bfd999d384696070df |
| .data |
4096 |
3db5b2d9bf6256cf31d9f7b01c884ab5 |
| PAGE |
1024 |
73258624709dc2a6d98bbe1d6ac0a2b8 |
| INIT |
1536 |
fcfb613c49da8e0ee7b1756154fd1279 |
| .rsrc |
1536 |
086183836d310c89a96baed75a628663 |
| .reloc |
1536 |
ce408d0dcc9aa87104d1b01177530fbf |
