How to remove shift_proxy.exe
- File Details
- Overview
- Analysis
shift_proxy.exe
The module shift_proxy.exe has been detected as Trojan.Gen
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
03be0d5e80d1ae1643954c7e128c0283 |
| Size: |
1 MB |
| First Published: |
2025-01-25 23:05:25 (10 months ago) |
| Latest Published: |
2025-06-03 23:00:39 (5 months ago) |
| Status: |
Trojan.Gen (on last analysis) |
|
| Analysis Date: |
2025-06-03 23:00:39 (5 months ago) |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
| %localappdata%\shift |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x00099140 |
| Name |
Size of data |
MD5 |
| .text |
822272 |
c3f5166b82ba71da64625b8d1bdc4317 |
| .rdata |
162304 |
ee5befb9cb41a545e761d9d72ea5ad9c |
| .data |
63488 |
5ae654d599c75812767bd74ae0003573 |
| .pdata |
31232 |
810522164a44d9f7992521cd3bb3a2ee |
| .00cfg |
512 |
e4aa48fde123624ce0875c94806241b8 |
| .gxfg |
10752 |
46fb549e030e1358e4fe37f04a65142e |
| .retplne |
512 |
8c950f651287cbc1296bcb4e8cd7e990 |
| .tls |
512 |
770923a5eeb4b2ce7e46e362841b1cde |
| _RDATA |
512 |
089f051a2f41506267b1d2f85c9b0632 |
| malloc_h |
512 |
02d223d31975cee9717e1dba0104971f |
| .rsrc |
2560 |
d8f32650dc629c536a1ea00dc0b61059 |
| .reloc |
5632 |
63488f9ff57de7ec03594869dacda946 |
