How to remove pwdremover.exe
- File Details
- Overview
- Analysis
pwdremover.exe
The module pwdremover.exe has been detected as Trojan.Agent
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
fe3efaeec47e5a0f60fe1a13c3073d66 |
| Size: |
1 MB |
| First Published: |
2018-06-08 09:03:58 (6 years ago) |
| Latest Published: |
2024-05-25 23:02:02 (7 months ago) |
| Status: |
Trojan.Agent (on last analysis) |
|
| Analysis Date: |
2024-05-25 23:02:02 (7 months ago) |
Overview
| %desktop% |
| %profile% |
| %sysdrive%\desktop\update file's\my coolication\rest password windows\pdf password remover 3.1.rar |
| %profile% |
| %profile%\downloads\compressed\verypdf pdf password remover 6.0_with_valid_crcak.rar |
| %sysdrive%\$recycle.bin |
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
| Windows 10 |
66.7% |
|
| Windows 8.1 |
16.7% |
|
| Windows 7 |
16.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0000a5f8 |
| Name |
Size of data |
MD5 |
| CODE |
40448 |
c3bd95c4b1a8e5199981e0d9b45fd18c |
| DATA |
1024 |
1ee71d84f1c77af85f1f5c278f880572 |
| BSS |
0 |
00000000000000000000000000000000 |
| .idata |
2560 |
bb5485bf968b970e5ea81292af2acdba |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
512 |
9ba824905bf9c7922b6fc87a38b74366 |
| .reloc |
0 |
00000000000000000000000000000000 |
| .rsrc |
11264 |
56757dcc6479ee462f3468feb4100273 |
