How to remove 17D8.exe
17D8.exe
The module 17D8.exe has been detected as Ransom.Wacatac
File Details
| Product Name: | Telegram Desktop |
| Company Name: | Telegram FZ-LLC |
| MD5: | 3fcdfdf20ad07d2c5cfda2d54126b102 |
| Size: | 6 MB |
| First Published: | 2024-01-13 23:43:09 (a year ago) |
| Latest Published: | 2024-01-14 23:16:47 (a year ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2024-01-14 23:16:47 (a year ago) |
Common Places:
| %temp% |
| %temp% |
Geography:
| 50.0% | ||
| 50.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x000014c0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 2425856 | fe4e8e15287e492529f60c9632d2a7dc |
| .data | 308736 | 02e2d2197722e81b4b81e8d76e6dd9f4 |
| .rdata | 4054016 | ec3c00d56411ceb4b818f37fef251b57 |
| .pdata | 76288 | ff137dc3b6716f6a814e8742f281e1ae |
| .xdata | 3584 | 209fb451314460ed0824ee3bf36822a6 |
| .bss | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .edata | 512 | c4d9739b7836fe8d4c481ceb08e38a0a |
| .idata | 5120 | e904a19d61824fa610630607f72e9dea |
| .CRT | 512 | f435603d087ba5e7314ad6c332b0633e |
| .tls | 512 | bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc | 70144 | c102b298b46d313aa6d42ff2cdcb309f |
| .reloc | 57856 | c64252a3cea40c652b47fc1085ea25c0 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 17D8.exe
