How to remove uni.exe
uni.exe
The module uni.exe has been detected as Backdoor.Gen
File Details
| Product Name: | DarkComet-RAT |
| Company Name: | Unremote.org |
| MD5: | d761f3aa64064a706a521ba14d0f8741 |
| Size: | 11 MB |
| First Published: | 2017-06-09 01:09:36 (8 years ago) |
| Latest Published: | 2024-09-07 23:01:14 (a year ago) |
| Status: | Backdoor.Gen (on last analysis) | |
| Analysis Date: | 2024-09-07 23:01:14 (a year ago) |
Common Places:
| %localappdata%\temp |
| %profile%\downloads\darkcomet - v.5.3.1 fwb |
| %desktop%\rat\dcrat |
| %desktop%\ \rat\ratlar\darkcomet 5.3.1 |
| %desktop%\darkcomet v5.3\darkcomet v5.3\darkcomet v5.3\darkcomet v5.3\darkcomet v5.3\darkcomet v5.3 |
| %profile%\downloads\darkcomet 5.3.1\darkcomet 5.3.1 |
| %desktop%\darkcomet 5.3.1 |
| %desktop%\hack stuff\rat\darkcomet 5.3.1 |
| %desktop%\darkcomet - v.5.3.1 fwb |
| %profile%\downloads\dark comet rat collection [zyklon]\darkcomet v5.3.rar\darkcomet v5.3 |
File Names:
| DARKCOMET.EXE |
| uni.exe |
| DarkComet - v.5.3.1 FWB.exe |
| DarkComet.exe |
| DarkComet RAT v5.3.1.exe |
| LBVSITYFHCGFJVXGNGWHJECVPIEZMXU2..EXE |
| darkcomet - v.5.3.1 fwb.exe |
| darkcomet.exe |
| $R00KATJ.bin |
| DarkComet.exe.quarantined |
Geography:
| 55.6% | ||
| 14.8% | ||
| 8.6% | ||
| 2.5% | ||
| 2.5% | ||
| 2.5% | ||
| 2.5% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% |
OS Version:
| Windows 10 | 65.0% | |
| Windows 7 | 18.8% | |
| Windows 8.1 | 8.8% | |
| Windows Embedded 8.1 | 2.5% | |
| Windows 8 | 2.5% | |
| Windows Server 2012 R2 | 2.5% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x004363c0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 4402688 | 00505c342af8e243752897bbaaab3a30 |
| .itext | 10752 | dddb0de4c01bdee1acbc3dc36ffb5c9e |
| .data | 78848 | d4458bedf6f3b330531e73ea67405c68 |
| .bss | 0 | 00000000000000000000000000000000 |
| .idata | 21504 | 462cd6fc664b7d9401d24774e2e3f66e |
| .didata | 1536 | 0fadaa4827d0742e4af764ae72a5f58c |
| .tls | 0 | 00000000000000000000000000000000 |
| .rdata | 512 | 1d89e9fe023c10c50fcb63ebd8d2a419 |
| .reloc | 317952 | 47e0ae7e1d197f87e2827c094e5076da |
| .rsrc | 6989312 | a37b7eaade1e17ffe9b9cd1ccfaa755f |
More information:
Download GridinSoft
Anti-Malware - Removal tool for uni.exe
