How to remove s.exe

» File
File Details
Overview
Analysis

s.exe

The module s.exe has been detected as Virtool.ShadowBrokers

s.exe

Remove s.exe

File Details

Main Info:

MD5:	c097fd043d3cbabcada0878505c7afa5
Size:	14 KB
First Published:	2017-09-29 03:05:12 (7 years ago)
Latest Published:	2024-04-03 23:07:06 (a year ago)

Analysis:

Status:	Virtool.ShadowBrokers (on last analysis)
Analysis Date:	2024-04-03 23:07:06 (a year ago)

Common Places:

%windir%\setup\fou

%system%\mfen.exe

%windir%\system32

%sysdrive%\$recycle.bin\s-1-5-21-2570348591-2767011175-3200952900-1016\$ro0c72t.rar\445\scan

%windir%\syswow64

%commonappdata%\microsoft\network

%system%

%commonappdata%\microsoft

%commonappdata%

%windir%\setup

File Names:

ss.exe

s.exe

alg.exe

jvav.exe

ss.exe.quarantined

360rp.exe

w3wp.exe

taskhost.exe

taskhost.exe.quarantined

svchost.exe

taskhosts.exe

$R6DL3UA.exe

$R92A5X7.exe

Geography:

	21.3%
	16.9%
	11.1%
	10.4%
	9.4%
	7.5%
	4.4%
	2.9%
	2.3%
	1.6%
	1.3%
	1.3%
	1.2%
	1.1%
	0.9%
	0.8%
	0.8%
	0.8%
	0.6%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 7	80.4%
Windows Server 2008 R2	11.9%
Windows 10	3.1%
Windows Server 2003	1.7%
Windows Server 2012 R2	1.2%
Windows XP	0.9%
Windows Server 2012	0.3%
Windows Web Server 2008 R2	0.2%
Windows Vista	0.2%
Windows Server 2016	0.2%
Windows 8.1	0.1%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00001dea

PE Sections:

Name	Size of data	MD5
.text	14336	242cce8d16b18b224cc6d741b378ad35

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for s.exe

copyright for information about s.exe