How to remove 4043.tmp.exe

4043.tmp.exe

The module 4043.tmp.exe has been detected as Ransom.Wacatac

4043.tmp.exe
Remove 4043.tmp.exe

File Details

Product Name:

Windows® Internet Explorer
Company Name:

Microsoft Corporation
MD5: 36ceff9a1309ba3943c6c9285c18399c
Size: 4 MB
First Published: 2021-01-08 00:51:18 (4 years ago)
Latest Published: 2021-01-08 13:23:07 (4 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2021-01-08 13:23:07 (4 years ago)

Overview

Signed By: CPUID S.A.R.L.U.
Status: Invalid (digital signature could be stolen or file could be patched)

Common Places:

%temp%
%temp%

OS Version:

Windows 10 50.0%
Windows 7 50.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00006897

PE Sections:

Name Size of data MD5
.text 24576 0e5b7c4ec989bb777c6fbf0a1cd84794
.data 1024 27b3fb2f9d6a275356ae6b7aafacc75e
.idata 4608 b1ebf4cc039d0487028fa3142ea98061
.rsrc 4804608 3c0b8aaeb02237084314e5dcfcadc95a
.reloc 3072 39c45ed74aa4b48de090fbb3b1d93bbb

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for 4043.tmp.exe
copyright for information about 4043.tmp.exe