How to remove system32.exe

» File
File Details
Overview
Analysis

system32.exe

The module system32.exe has been detected as Trojan.Agent

system32.exe

Remove system32.exe

File Details

Main Info:

Product Name:	WindowsFormsApplication1
MD5:	3d652375fd511878f410fb1048e47f83
Size:	122 KB
First Published:	2017-06-25 13:03:57 (8 years ago)
Latest Published:	2021-01-06 17:28:43 (4 years ago)

Analysis:

Status:	Trojan.Agent (on last analysis)
Analysis Date:	2021-01-06 17:28:43 (4 years ago)

Common Places:

%windir%\tasks

%tasks%

%tasks%

%desktop%\new folder

%desktop%\new folder

%tasks%

%desktop%\new folder

Geography:

100.0%

OS Version:

Windows Server 2012 R2	71.4%
Windows 7	28.6%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00012b4e

.NET Info:

MVID:	fe3f7dbb-61dd-4f58-a33d-74e186514b2a
Typelib ID:	72e49479-029f-463c-8b3e-45fd7b43cf5f

PE Sections:

Name	Size of data	MD5
.text	68608	4077d6d15d9f30964d6d92590c9f50f5
.rsrc	55808	d7193aa85eb27126eacb26a8648f7b70
.reloc	512	8e1b11e7cf687f33e5db36ea6d380731

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for system32.exe

copyright for information about system32.exe