How to remove registration.exe

» File
File Details
Overview
Analysis

registration.exe

The module registration.exe has been detected as Worm.Ramnit

registration.exe

Remove registration.exe

File Details

Main Info:

Product Name:	Corel Corporation Registration
Company Name:	Corel Corporation
MD5:	38e521012dce0f68f62304249d287f9c
Size:	784 KB
First Published:	2019-09-11 15:17:52 (5 years ago)
Latest Published:	2019-09-11 15:17:52 (5 years ago)

Analysis:

Status:	Worm.Ramnit (on last analysis)
Analysis Date:	2019-09-11 15:17:52 (5 years ago)

Common Places:

%sysdrive%\coreldraw11\program files\corel\corel graphics 11

Geography:

100.0%

OS Version:

Windows 7

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00092000

PE Sections:

Name	Size of data	MD5
.text	208896	4925f0bf77405f3ba00c91d5ad008b72
.rdata	49152	7d0bc684322c3d419133b081e8df9a79
.data	20480	94af7467bd107126d91ac6588cf3991f
.rsrc	32768	6c299f08276621eae0c955c0f8679a17
.text	258048	9d4b53c95ce024726eee8fd6e6599cb7
lyjtihd	0	00000000000000000000000000000000
.text	229376	27abb4deba4682ac8675e730d260c16a

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for registration.exe

copyright for information about registration.exe