How to remove 1889.exe
1889.exe
The module 1889.exe has been detected as Ransom.STOP
File Details
| Product Name: | Pircuzar |
| MD5: | fa0fdb300f7d2b2f4971908b19796c47 |
| Size: | 818 KB |
| First Published: | 2024-03-18 23:02:23 (2 years ago) |
| Latest Published: | 2024-03-18 23:02:23 (2 years ago) |
| Status: | Ransom.STOP (on last analysis) | |
| Analysis Date: | 2024-03-18 23:02:23 (2 years ago) |
Common Places:
| %sysdrive%\windows.old\users\ik10\appdata\local |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0000b0f0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 91136 | b36609064a759f4e869e91e50dcb39a3 |
| .data | 665600 | 3fb18a37ce9b570b22910eaa74c3d82e |
| .idata | 3072 | 393f01e0c11585b239f902983e6eacae |
| .yovur | 1024 | 0f343b0931126a20f133d67c2b018a3b |
| .hira | 6656 | 3c63825015aabd810674f44afac6d12b |
| .cet | 1024 | 0f343b0931126a20f133d67c2b018a3b |
| .rsrc | 68096 | bde9ce884c36a824fbe8ffe113ec7e38 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 1889.exe
