How to remove updatewin.exe
- File Details
- Overview
- Analysis
updatewin.exe
The module updatewin.exe has been detected as Trojan.Agent
File Details
MD5: |
9010fa92cc83afe00fab38703e6ffa77 |
Size: |
208 KB |
First Published: |
2020-12-04 17:06:57 (3 years ago) |
Latest Published: |
2022-01-01 21:35:24 (2 years ago) |
Status: |
Trojan.Agent (on last analysis) |
|
Analysis Date: |
2022-01-01 21:35:24 (2 years ago) |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
%localappdata% |
|
19.5% |
|
|
13.0% |
|
|
8.0% |
|
|
5.3% |
|
|
3.7% |
|
|
3.2% |
|
|
3.1% |
|
|
2.7% |
|
|
2.3% |
|
|
2.3% |
|
|
1.8% |
|
|
1.8% |
|
|
1.6% |
|
|
1.6% |
|
|
1.6% |
|
|
1.4% |
|
|
1.3% |
|
|
1.1% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.8% |
|
|
0.8% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
Windows 10 |
61.1% |
|
Windows 7 |
29.5% |
|
Windows 8.1 |
7.8% |
|
Windows 8 |
1.6% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0001ceba |
Name |
Size of data |
MD5 |
.text |
172032 |
1170b4c7f4f36cc346254ca90c6a3179 |
.rdata |
32256 |
d3a4689c2861dc0712071a032a6aefb1 |
.data |
2560 |
3916e85ff3534776a604c76bfd036038 |
.reloc |
5632 |
07c9a6f1d748327d2da52da494a19b26 |