How to remove restartgbService.exe
- File Details
- Overview
- Analysis
restartgbService.exe
The module restartgbService.exe has been detected as Backdoor.Bladabindi
File Details
| MD5: |
731c1a57f4b423ac54b6efbe5a771e4d |
| Size: |
301 KB |
| First Published: |
2017-05-25 18:08:32 (7 years ago) |
| Latest Published: |
2018-09-26 14:10:45 (6 years ago) |
| Status: |
Backdoor.Bladabindi (on last analysis) |
|
| Analysis Date: |
2018-09-26 14:10:45 (6 years ago) |
| %programfiles%\gbillingserver\serverupdate\client |
| %programfiles%\gbillingserver\serverupdate |
| %sysdrive%\gbillingserver\serverupdate |
| %sysdrive%\pmtt\gbillingserver\serverupdate |
| %sysdrive%\backup\gbillingserver\serverupdate |
| Vietnam |
63.6% |
|
| Philippines |
18.2% |
|
| Indonesia |
9.1% |
|
| Thailand |
9.1% |
|
| Windows 7 |
81.8% |
|
| Windows XP |
9.1% |
|
| Windows 8.1 |
9.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000b9e70 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
00000000000000000000000000000000 |
| UPX1 |
270848 |
ef7bfab6fb38197650c69718a9436dfe |
| .rsrc |
36352 |
f54fa6c715afbe2bf1b73f5bed81388c |
