How to remove file[1].exe
- File Details
- Overview
- Analysis
file[1].exe
The module file[1].exe has been detected as Ransom.Gandcrab
File Details
| Company Name: |
|
| MD5: |
d0e8e888cbd04e817460c9e26d8d0b39 |
| Size: |
475 KB |
| First Published: |
2021-01-05 16:53:45 (4 years ago) |
| Latest Published: |
2021-01-11 21:11:47 (4 years ago) |
| Status: |
Ransom.Gandcrab (on last analysis) |
|
| Analysis Date: |
2021-01-11 21:11:47 (4 years ago) |
| %localappdata%\microsoft\windows\inetcache\ie |
| %localappdata%\microsoft\windows\inetcache\ie |
| %appdata% |
| %localappdata%\microsoft\windows\inetcache\ie |
| %appdata% |
| %appdata% |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5 |
| %appdata% |
| %appdata% |
| %appdata% |
| Windows 10 |
91.7% |
|
| Windows 7 |
8.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000419a4 |
| Name |
Size of data |
MD5 |
| .text |
321536 |
a77de8b7d767e73592a5cbc0696f22ff |
| .rdata |
30208 |
c5739c584c06133daf5b7b7717289f38 |
| .data |
6144 |
70f29f1753c8d8554a60b4521ad6c2fd |
| .rsrc |
80384 |
f2f862776b8a4f8489f9b1adef83be67 |
| .reloc |
47616 |
a83769955d28efa271f51e8ec8202216 |
![file[1].exe](/screens/screen-d0e8e888cbd04e817460c9e26d8d0b39.png "Remove Ransom.Gandcrab")
![copyright for information about file[1].exe](/images/copyright.png)