How to remove 476fb3d64691c70eb889b0f145bd3a4b.zip
- File Details
- Overview
- Analysis
476fb3d64691c70eb889b0f145bd3a4b.zip
The module 476fb3d64691c70eb889b0f145bd3a4b.zip has been detected as Ransom.Zpevdo
File Details
| MD5: |
476fb3d64691c70eb889b0f145bd3a4b |
| Size: |
6 MB |
| First Published: |
2019-09-02 18:36:26 (6 years ago) |
| Latest Published: |
2021-01-01 12:08:11 (4 years ago) |
| Status: |
Ransom.Zpevdo (on last analysis) |
|
| Analysis Date: |
2021-01-01 12:08:11 (4 years ago) |
| %localappdata%\innovative solutions\drivermax\agent |
| %sysdrive%\$recycle.bin\s-1-5-21-3257705312-2217371411-430314674-1001\$rwev3cf\agent |
| %localappdata%\innovative solutions\drivermax\agent |
| %localappdata%\innovative solutions\drivermax\agent |
| %localappdata%\innovative solutions\drivermax\agent |
| %localappdata%\innovative solutions\drivermax\agent |
| %localappdata%\innovative solutions\drivermax\agent |
| %localappdata%\innovative solutions\drivermax\agent |
| %sysdrive%\windows.old\users\funtastiger\appdata\local\innovative solutions\drivermax\agent |
| %localappdata%\innovative solutions\drivermax\agent |
|
24.1% |
|
|
13.8% |
|
|
13.8% |
|
|
6.9% |
|
|
6.9% |
|
|
6.9% |
|
|
3.4% |
|
|
3.4% |
|
|
3.4% |
|
|
3.4% |
|
|
3.4% |
|
|
3.4% |
|
|
3.4% |
|
|
3.4% |
|
| Windows 10 |
83.3% |
|
| Windows 7 |
10.0% |
|
| Windows 8.1 |
6.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0001da8b |
| Name |
Size of data |
MD5 |
| .text |
166912 |
06c96275e6ee6660732df41e3f60e7fe |
| .rdata |
20992 |
a24b84a8f316720ac0a495805d407231 |
| .data |
5632 |
97b33de4f6c0dd8a60e7648d167a1c55 |
| .rsrc |
17920 |
751c4b05e26905d06665066cd00d8fd0 |
