How to remove moonlight.exe
- File Details
- Overview
- Analysis
moonlight.exe
The module moonlight.exe has been detected as Trojan.Startpage
File Details
Product Name: |
|
Company Name: |
|
MD5: |
b2e0d771cade57da7ba3aa3be2112f64 |
Size: |
11 MB |
First Published: |
2018-08-08 11:14:51 (5 years ago) |
Latest Published: |
2020-10-04 04:24:42 (3 years ago) |
Status: |
Trojan.Startpage (on last analysis) |
|
Analysis Date: |
2020-10-04 04:24:42 (3 years ago) |
Overview
%windir%\systemnode |
%windir%\reserve service |
%windir% |
%windir%\winkit |
%windir%\winkit |
%windir%\reserve service |
%windir% |
%windir%\systemnode |
%windir%\systemnode |
%windir% |
sysnode.exe |
moonlight.exe |
upd.exe |
reserve.exe |
msnode.exe |
|
74.6% |
|
|
12.8% |
|
|
5.8% |
|
|
1.7% |
|
|
1.3% |
|
|
0.8% |
|
|
0.8% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
Windows 10 |
58.6% |
|
Windows 7 |
31.2% |
|
Windows 8.1 |
9.9% |
|
Windows Embedded 8.1 |
0.2% |
|
Windows 8 |
0.1% |
|
Analysis
Subsystem: |
Windows CUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x005a251c |
Name |
Size of data |
MD5 |
.text |
6130688 |
5ae6087912d523f7ef0fe84b88196520 |
.rdata |
5270528 |
384a75e35a8d6fa8dadc4bb918e422aa |
.data |
66560 |
e998266761a57314636bb32c771b24e5 |
.rsrc |
109568 |
834f95bdf8d019cb3854191af521a7ac |
.reloc |
258048 |
03a8e3ed18c025b0f9a42e70460d8a05 |