How to remove 5.exe
5.exe
The module 5.exe has been detected as Ransom.Wacatac
File Details
| MD5: | a7ffc700eca3323c9bbe5aa9bd15f759 |
| Size: | 463 KB |
| First Published: | 2020-03-14 16:51:47 (5 years ago) |
| Latest Published: | 2021-01-12 17:24:10 (4 years ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2021-01-12 17:24:10 (4 years ago) |
Common Places:
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
| %localappdata% |
Geography:
| 16.7% | ||
| 16.7% | ||
| 8.3% | ||
| 8.3% | ||
| 8.3% | ||
| 8.3% | ||
| 8.3% | ||
| 8.3% | ||
| 8.3% | ||
| 8.3% |
OS Version:
| Windows 10 | 53.8% | |
| Windows 7 | 46.2% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00001354 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 409088 | b17eeac0003649be07df20ad3642d60a |
| .rdata | 9216 | c3c5af01233b250c8ed2c387a856262a |
| .data | 16384 | 9f47ab30aee994d1a11f4561dd0c07ad |
| .xusesa | 512 | bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc | 38400 | 007d666b9a490bcf1835bca1b0f6b7b0 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 5.exe
