How to remove 4929.exe
4929.exe
The module 4929.exe has been detected as Ransom.Wacatac
File Details
| Product Name: | ONLYOFFICE Editors |
| Company Name: | Ascensio System SIA |
| MD5: | db70afebd9b99c61e3a67f832c7f36e5 |
| Size: | 3 MB |
| First Published: | 2024-02-08 23:40:36 (a year ago) |
| Latest Published: | 2024-02-08 23:40:36 (a year ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2024-02-08 23:40:36 (a year ago) |
Overview
| Signed By: | Logitech H153 Wired Headset Black 2.0 overhead 20 Hz - 20000 Hz 22Ω corded cable - 1.8 m |
| Status: | Valid |
Common Places:
| %temp% |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0065cec0 |
PE Sections:
| Name | Size of data | MD5 |
| 84992 | 9a5a974eef88a5019995f58e18be32ce | |
| .rsrc | 101376 | eff41242109a5c27dcb51dedf36e8b13 |
| 512 | a23d36928c19d6342b0127c5f29ade5d | |
| .idata | 512 | df6e2b0aff55dc9f8eaa08bc2db11aca |
| .themida | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .boot | 3995136 | 012dea3e027a6bd2585187fa4874d608 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 4929.exe
