How to remove winDecrypt.exe
- File Details
- Overview
- Analysis
winDecrypt.exe
The module winDecrypt.exe has been detected as Trojan.Agent
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
3fead428b22418fb8d96105c569f2444 |
| Size: |
840 KB |
| First Published: |
2017-05-28 19:07:26 (6 years ago) |
| Latest Published: |
2020-12-02 05:01:22 (3 years ago) |
| Status: |
Trojan.Agent (on last analysis) |
|
| Analysis Date: |
2020-12-02 05:01:22 (3 years ago) |
| %programfiles%\pdf password remover v3.0 |
| %desktop%\03 arquivo\priva\usb 16gb\downloads\pdf_password_remover\pdf_password_remover\pdf password remover 3.0 portable\portable_pdf_password_remover_3.0.exe |
| %temp% |
| %sysdrive%\google 드라이브\전자책프로그램\[kindle_dxg 사용법]\[킨들(kindle_dxg)사용및해킹법]\ebook프로그램 |
| %sysdrive%\dropbox\전자책프로그램\ebook프로그램 |
| %sysdrive%\google 드라이브\전자책프로그램\ebook프로그램 |
| %sysdrive%\dropbox\전자책프로그램\[kindle_dxg 사용법]\[킨들(kindle_dxg)사용및해킹법]\ebook프로그램 |
| %sysdrive%\dropbox\.dropbox.cache\2018-01-18 |
| %sysdrive%\downloads\pdf password remover 3 |
| %sysdrive%\luu c\soft |
|
13.9% |
|
|
13.9% |
|
|
8.3% |
|
|
8.3% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
|
5.6% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
|
2.8% |
|
| Windows 7 |
50.0% |
|
| Windows 10 |
44.7% |
|
| Windows 8.1 |
5.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000655bd |
| Name |
Size of data |
MD5 |
| unpacked |
536576 |
cee5f2daa6505edc043e86c2e0a90fc2 |
| unpacked |
303104 |
d7ac0dad6ce1fcf65654cc2487111ff9 |
| unpacked |
8192 |
4d99574d24a397af41c6b5d95fcd8502 |
| .snaker |
8192 |
2bdf0a7e52d07f748a7d6566aaec66cd |
