How to remove 17D8.exe

» File
File Details
Overview
Analysis

17D8.exe

The module 17D8.exe has been detected as Ransom.Wacatac

17D8.exe

Remove 17D8.exe

File Details

Main Info:

Product Name:	Telegram Desktop
Company Name:	Telegram FZ-LLC
MD5:	3fcdfdf20ad07d2c5cfda2d54126b102
Size:	6 MB
First Published:	2024-01-13 23:43:09 (2 years ago)
Latest Published:	2024-01-14 23:16:47 (2 years ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2024-01-14 23:16:47 (2 years ago)

Common Places:

%temp%

%temp%

Geography:

	50.0%
	50.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x000014c0

PE Sections:

Name	Size of data	MD5
.text	2425856	fe4e8e15287e492529f60c9632d2a7dc
.data	308736	02e2d2197722e81b4b81e8d76e6dd9f4
.rdata	4054016	ec3c00d56411ceb4b818f37fef251b57
.pdata	76288	ff137dc3b6716f6a814e8742f281e1ae
.xdata	3584	209fb451314460ed0824ee3bf36822a6
.bss	0	d41d8cd98f00b204e9800998ecf8427e
.edata	512	c4d9739b7836fe8d4c481ceb08e38a0a
.idata	5120	e904a19d61824fa610630607f72e9dea
.CRT	512	f435603d087ba5e7314ad6c332b0633e
.tls	512	bf619eac0cdf3f68d496ea9344137e8b
.rsrc	70144	c102b298b46d313aa6d42ff2cdcb309f
.reloc	57856	c64252a3cea40c652b47fc1085ea25c0

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for 17D8.exe

copyright for information about 17D8.exe