How to remove 1207.exe
1207.exe
The module 1207.exe has been detected as Ransom.Sabsik
File Details
| Product Name: | mobility_costruction_dcf |
| MD5: | cd92a14063178c29d76e23b79b119f28 |
| Size: | 2 MB |
| First Published: | 2023-10-22 23:00:58 (2 years ago) |
| Latest Published: | 2023-10-22 23:00:58 (2 years ago) |
| Status: | Ransom.Sabsik (on last analysis) | |
| Analysis Date: | 2023-10-22 23:00:58 (2 years ago) |
Overview
| Signed By: | GRETECH |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %temp% |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00506a88 |
PE Sections:
| Name | Size of data | MD5 |
| 386560 | 573a288ab7e025c20428688ececce230 | |
| .rsrc | 114688 | 3aa8677c5ce465ea498083c79ae98c15 |
| 512 | 65336415424030c092cc7dff3bfe5e7d | |
| .idata | 512 | d4e500a4107a9d57df86ee433a436545 |
| .themida | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .boot | 1784320 | 5123c36e648c482bdd6c87773c87ac01 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 1207.exe
