How to remove wupdate.exe
- File Details
- Overview
- Analysis
wupdate.exe
The module wupdate.exe has been detected as Trojan.LoadMoney
File Details
| MD5: |
a141a722eff0152216738b895b693c5a |
| Size: |
132 KB |
| First Published: |
2017-06-29 09:08:57 (7 years ago) |
| Latest Published: |
2018-10-13 13:07:41 (6 years ago) |
| Status: |
Trojan.LoadMoney (on last analysis) |
|
| Analysis Date: |
2018-10-13 13:07:41 (6 years ago) |
Overview
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\avs3k0lg |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\2af7zmue |
| %localappdata%\microsoft\windows\inetcache\ie\y1fbvxow |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\p8vpmpgd |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\6imdtnki |
| %localappdata%\microsoft\windows\inetcache\ie |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5 |
| %localappdata% |
|
36.4% |
|
|
18.2% |
|
|
18.2% |
|
|
9.1% |
|
|
9.1% |
|
|
9.1% |
|
| Windows 7 |
81.8% |
|
| Windows 8.1 |
18.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00006f09 |
| Name |
Size of data |
MD5 |
| .text |
90112 |
953247f9b2ddd649e5ee67771abe052a |
| .rdata |
30208 |
2913f829a2b8227aeda29a37df95ab06 |
| .data |
2560 |
edc8cc9681bf56740c1f2ea117c2aa96 |
| .gfids |
512 |
3ca619559fccd852e190aea4832ba6d9 |
| .tls |
512 |
1f354d76203061bfdd5a53dae48d5435 |
| .rsrc |
512 |
e8f29e6669a480a4d72efeb174b889d9 |
| .reloc |
5120 |
2dacbe3a1b9fc3cb2bc77ca0eb3dc48f |
