How to remove pw.exe
pw.exe
The module pw.exe has been detected as Hack.Mimikatz
File Details
| Product Name: | mimikatz |
| Company Name: | gentilkiwi (Benjamin DELPY) |
| MD5: | 7862ac21eb3f8c4e8247c188c5f8179f |
| Size: | 1 MB |
| First Published: | 2024-04-10 23:05:56 (a year ago) |
| Latest Published: | 2024-04-11 23:05:27 (a year ago) |
| Status: | Hack.Mimikatz (on last analysis) | |
| Analysis Date: | 2024-04-11 23:05:27 (a year ago) |
Overview
| Signed By: | Open Source Developer, Benjamin Delpy |
| Status: | Valid |
Common Places:
| %profile%\onedrive\escritorio\payload\usbrubberducky-payloads-master\usbrubberducky-payloads-master\payloads\library\credentials |
| %profile%\onedrive\escritorio\payload\usbrubberducky-payloads-master\usbrubberducky-payloads-master\payloads\library\credentials |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x000c7578 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 840704 | 640d949657fb586d6cabfaf737fda3ee |
| .rdata | 413696 | e9e4e38b61568b2f9bc804bfeebc0a4b |
| .data | 27136 | 7ea2e480e60397343fe0fb0c3b75b50b |
| .pdata | 26624 | f4137840148c274dca39d16f46392bf3 |
| .rsrc | 16384 | 573d5419fb576cf8473c4235507712f7 |
| .reloc | 9728 | d9e17a6ad81f33eb70776e8a6716c84d |
More information:
Download GridinSoft
Anti-Malware - Removal tool for pw.exe
