How to remove Rahaewilyku.exe

Rahaewilyku.exe

The module Rahaewilyku.exe has been detected as Ransom.Sabsik

Rahaewilyku.exe
Remove Rahaewilyku.exe

File Details

Product Name:

windows_update_hnaErG2E7PxmZWBZ
Company Name:

windows_update_hnaErG2E7PxmZWBZ
MD5: e720dee40a7b95d7b55309cafed44fe8
Size: 664 KB
First Published: 2022-03-20 23:17:06 (3 years ago)
Latest Published: 2022-03-21 23:23:45 (3 years ago)
Status: Ransom.Sabsik (on last analysis)
Analysis Date: 2022-03-21 23:23:45 (3 years ago)

Common Places:

%sysdrive%\windows.old\users\user\appdata\local\temp
%temp%
%temp%

Geography:

Brazil 100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0004c6fe

.NET Info:

MVID: 671c4486-ac40-4153-9102-7f580a8a8fd5
Typelib ID: cea8bad3-ea1a-4a16-b8e1-340111b2ab0f

PE Sections:

Name Size of data MD5
.text 305152 89d29113de309255cc8a9cc0aa70ae39
.sdata 1024 4dc981489b72c0db957dcd75c149bfc8
.rsrc 372224 2d8872df6c8d1a31b6372cacb38fc69b
.reloc 512 fcce0b73975507d2c0cb3a1350a4cd74

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for Rahaewilyku.exe
copyright for information about Rahaewilyku.exe
­