How to remove winserv.exe
- File Details
- Overview
- Analysis
winserv.exe
The module winserv.exe has been detected as Trojan.Sabsik
File Details
Product Name: |
|
Company Name: |
|
MD5: |
3f4f5a6cb95047fea6102bd7d2226aa9 |
Size: |
10 MB |
First Published: |
2022-07-14 23:21:03 (2 years ago) |
Latest Published: |
2025-01-30 23:01:13 (a week ago) |
Status: |
Trojan.Sabsik (on last analysis) |
|
Analysis Date: |
2025-01-30 23:01:13 (a week ago) |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
%commonappdata% |
|
54.6% |
|
|
12.9% |
|
|
4.3% |
|
|
3.9% |
|
|
3.6% |
|
|
1.4% |
|
|
1.4% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
Windows 10 |
96.5% |
|
Windows 7 |
3.5% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0077b96c |
Name |
Size of data |
MD5 |
.tls |
10560512 |
2e7ca63fa88daeae7fd9830b8655abbd |
.rsrc |
92160 |
64ab199fce033650bbe20cf75c3e3597 |
.idata |
22528 |
46c8ceb8f393fdd5b905455c1e58401f |