How to remove system32.exe
- File Details
- Overview
- Analysis
system32.exe
The module system32.exe has been detected as Trojan.Disfa
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
2809c27ff4dd7a526c79dc2082fec8b3 |
| Size: |
120 KB |
| First Published: |
2017-09-02 19:05:28 (7 years ago) |
| Latest Published: |
2020-06-17 08:25:26 (4 years ago) |
| Status: |
Trojan.Disfa (on last analysis) |
|
| Analysis Date: |
2020-06-17 08:25:26 (4 years ago) |
| %programs%\startup |
| %commonappdata%\windows_loader\windows loader\1.0.0.0\temp |
| %temp% |
| %startup% |
| %commonappdata%\windows_loader\windows loader\1.0.0.0 |
| %commonappdata%\windows_loader\windows loader\1.0.0.0 |
| 60f0d0e0d2dd518d7530a18795742b3f.exe |
| system32.exe |
|
36.4% |
|
|
27.3% |
|
|
18.2% |
|
|
9.1% |
|
|
9.1% |
|
| Windows 7 |
75.0% |
|
| Windows 10 |
25.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0001eb0e |
| Name |
Size of data |
MD5 |
| .text |
117760 |
e98f496321e8d64c32afd35d85e8c51e |
| .sdata |
1024 |
df11e2e30ad0edda2223ac0db9d1ee0a |
| .rsrc |
3072 |
327072627566dd3a7016e923c31f2e78 |
| .reloc |
512 |
7e06831ec7ab85dd952b5be3722a561a |
