How to remove onestart.exe
- File Details
- Overview
- Analysis
onestart.exe
The module onestart.exe has been detected as PUP.OneStart
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
c1472f63dfe29605b1df91c38f01ebc1 |
| Size: |
3 MB |
| First Published: |
2025-01-23 23:01:48 (a year ago) |
| Latest Published: |
2025-01-27 23:01:44 (a year ago) |
| Status: |
PUP.OneStart (on last analysis) |
|
| Analysis Date: |
2025-01-27 23:01:44 (a year ago) |
Overview
| %localappdata%\onestart.ai\onestart |
| %localappdata%\onestart.ai\onestart\temp |
| %localappdata%\onestart.ai\onestart |
| %localappdata%\onestart.ai\onestart |
| %localappdata%\onestart.ai\onestart\temp |
| %localappdata%\onestart.ai\onestart |
| %localappdata%\onestart.ai\onestart |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x0019fa80 |
| Name |
Size of data |
MD5 |
| .text |
2515456 |
0e8761959d09a433317ae234b46d01aa |
| .rdata |
320000 |
de766e3424dadf4ab2ecccbe6a8c44fe |
| .data |
61952 |
4600aaadd4e7d04a2707cec54052cab8 |
| .pdata |
61440 |
cf910b575e2dd9166502921707a1a3c4 |
| .gxfg |
13312 |
8c4b243ba778cfbd475278f23ae117b7 |
| .retplne |
512 |
022887b1467ba7c3bd7ed7d98b0a888a |
| .tls |
1024 |
82ff3e846292a8a38973a7b96a372dbe |
| CPADinfo |
512 |
60d3ea61d541c9be2e845d2787fb9574 |
| _RDATA |
512 |
4edd2da4f250a3b1d9e90cff1bedc612 |
| malloc_h |
1536 |
18a41f60daef58cb21e108c0c1e4653d |
| .rsrc |
400384 |
94e6526a71f81d1c281c48ebe110bd22 |
| .reloc |
10240 |
8110d15feb1563d8b338ca8a207f2860 |
