How to remove temp2.exe
temp2.exe
The module temp2.exe has been detected as Adware.Kraddare
File Details
| MD5: | a45b003068785c4646f7fcda0c5864f2 |
| Size: | 886 KB |
| First Published: | 2017-05-28 12:02:32 (7 years ago) |
| Latest Published: | 2019-12-15 17:40:06 (5 years ago) |
| Status: | Adware.Kraddare (on last analysis) | |
| Analysis Date: | 2019-12-15 17:40:06 (5 years ago) |
Overview
| Signed By: | Korea Contents Network |
| Status: | Valid |
Common Places:
| %localappdata%\wiseman |
| %localappdata%\wiseman_ |
| %sysdrive%\quarantine_mzk\folders\2016041521021224\wiseman.21.11.10.83 |
| %localappdata% |
| %sysdrive%\quarantine_mzk\folders\2018032011364745 |
| %sysdrive%\record\quarantine_mzk\folders\201508190044241 |
| %sysdrive%\quarantine_mzk\folders\201508190044241 |
| %localappdata% |
| %localappdata% |
| %desktop%\임수정샘 data\users\연수\appdata\local |
File Names:
| wmsn.exe |
| temp2.exe |
Geography:
| 96.4% | ||
| 3.6% |
OS Version:
| Windows 7 | 57.1% | |
| Windows 10 | 28.6% | |
| Windows 8 | 10.7% | |
| Windows 8.1 | 3.6% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0024d001 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 555520 | a1d040120023d56ccf136a1dba6167c0 |
| .itext | 4096 | ab4646576f1e444fb783685330e489b8 |
| .data | 13824 | 425fd4d8d88900d73a8153e1a90f1a2d |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 4608 | ad609f7b9612cb65d09c132e9d62367c |
| .didata | 1024 | 68e7d9e4f0f7bbfda01e721cc27e0bb0 |
| .tls | 0 | 00000000000000000000000000000000 |
| .rdata | 512 | 2d913a1b363961a1b8245975f8df6770 |
| .reloc | 0 | 00000000000000000000000000000000 |
| .rsrc | 16384 | b83f7b99d7f447a34435e18aaacfcf23 |
| .aspack | 303616 | 294f761a27b75a9c76ae1c8e545c622c |
| .adata | 0 | 00000000000000000000000000000000 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for temp2.exe
