How to remove ni.exe
ni.exe
The module ni.exe has been detected as Trojan.LoadMoney
File Details
| MD5: | 63b4b1c7db61ff4a2e2e96ff0f059bcc |
| Size: | 362 KB |
| First Published: | 2017-05-26 18:08:27 (7 years ago) |
| Latest Published: | 2018-10-04 15:21:38 (6 years ago) |
| Status: | Trojan.LoadMoney (on last analysis) | |
| Analysis Date: | 2018-10-04 15:21:38 (6 years ago) |
Overview
| Signed By: | OOO "SOLVO.LOG" |
| Status: | Valid |
Common Places:
| %localappdata%\filesystemdriver |
| %profile%\dmin.microsof-269a17\local settings |
| %localappdata% |
File Names:
| FileSystemDriver.exe.old |
| ni.exe |
| trz18CA.tmp |
Geography:
| 66.7% | ||
| 33.3% |
OS Version:
| Windows 8.1 | 33.3% | |
| Windows 7 | 33.3% | |
| Windows 10 | 33.3% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0002c860 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 291328 | 2625f0c1c1b373e90a73447e75c81533 |
| .rdata | 61952 | 91d3ea44749dffce5848fb59aea1d97d |
| .data | 9728 | dc51f3923b4115a1393db2852837693c |
| .rsrc | 1536 | e734c6e512d36ebd79c606c1a7126bf1 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for ni.exe
