How to remove pw.dll
pw.dll
The module pw.dll has been detected as Trojan.Downloader
File Details
| Product Name: | WindowsApplication12 |
| MD5: | 872401528fc94c90f3de6658e776cc36 |
| Size: | 251 KB |
| First Published: | 2017-07-22 04:06:09 (8 years ago) |
| Latest Published: | 2024-09-07 23:01:10 (a year ago) |
| Status: | Trojan.Downloader (on last analysis) | |
| Analysis Date: | 2024-09-07 23:01:10 (a year ago) |
Common Places:
| %desktop%\rdp\njrat 0.7d golden edition\njrat 0.7d golden edition\plugin |
| %desktop%\troianos rat 0.3d\plugin |
| %desktop%\tudo de bom\hactivismo\trojans\njrat indetectavel 2014 www.trojanoriginal.blogspot.com.br\njrat 0.6.4 by tipotuff |
| %desktop%\tudo de bom\njrat indetectavel 2014 www.trojanoriginal.blogspot.com.br\njrat 0.6.4 by tipotuff |
| %desktop%\todas pastas estão aqui\trojans\troianos rat 0.3d\troianos rat 0.3d |
| %profile%\downloads\arquivos do videos\troianos rat 0.3d |
| %desktop%\coisas\troianos rat 0.3d |
| %desktop%\coisas\hidraforce - senha tioboby\hidraforce v1.1 |
| %desktop%\اختراق الاجهزه |
| %desktop%\اختراق الاجهزه\نجرات |
Geography:
| 32.9% | ||
| 20.5% | ||
| 9.6% | ||
| 8.2% | ||
| 5.5% | ||
| 5.5% | ||
| 5.5% | ||
| 5.5% | ||
| 2.7% | ||
| 1.4% | ||
| 1.4% | ||
| 1.4% |
OS Version:
| Windows 10 | 75.7% | |
| Windows 7 | 17.6% | |
| Windows 8.1 | 2.7% | |
| Windows Server 2012 R2 | 2.7% | |
| Windows Server 2016 | 1.4% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0003d2be |
.NET Info:
| MVID: | e0b7b1be-873b-4dcf-8048-d2c27aa450f5 |
| Typelib ID: | 46f512e4-742b-460d-8994-6e357a3d5608 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 242688 | a424b37f26152eccdb1867a8c1404672 |
| .sdata | 512 | 1e61c370c7c7960d394ac6d55f50f79d |
| .rsrc | 12288 | 86c8d1f006ae5aef10f9ed4238bd71cd |
| .reloc | 512 | 97563cad959d33fe958db409adf21c01 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for pw.dll
