How to remove 5iL1Fr.exe
5iL1Fr.exe
The module 5iL1Fr.exe has been detected as Ransom.Sabsik
File Details
| Product Name: | WEBPLAYER |
| MD5: | 297205dbdb7f40b8179a8f7b564eba00 |
| Size: | 3 MB |
| First Published: | 2023-02-03 23:27:06 (2 years ago) |
| Latest Published: | 2023-02-13 23:32:14 (2 years ago) |
| Status: | Ransom.Sabsik (on last analysis) | |
| Analysis Date: | 2023-02-13 23:32:14 (2 years ago) |
Common Places:
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %sysdrive%\windows.old\users\maxuel\appdata\roaming |
Geography:
| 20.0% | ||
| 20.0% | ||
| 20.0% | ||
| 20.0% | ||
| 20.0% |
OS Version:
| Windows 10 | 60.0% | |
| Windows 7 | 40.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00138d9d |
PE Sections:
| Name | Size of data | MD5 |
| .text | 2928640 | 4f3ec48bdd56ce3b8c477ef60578fa0b |
| .rdata | 901120 | 5c371c39f1681be13763370a9b46a3cf |
| .data | 58880 | 416a87fb3adf143127146e6011caaac8 |
| .rsrc | 1024 | 8e56e46a40601c0a8628619d9ff88883 |
| .reloc | 126464 | f156b54955162e1bfc4f3abbdba5b238 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 5iL1Fr.exe
