How to remove 6698c0ab59e68_aerosoft[1].exe

» File
File Details
Overview
Analysis

6698c0ab59e68_aerosoft[1].exe

The module 6698c0ab59e68_aerosoft[1].exe has been detected as Ransom.Wacatac

6698c0ab59e68_aerosoft[1].exe

Remove 6698c0ab59e68_aeroso

File Details

Main Info:

Product Name:	aerosoft
Company Name:	Advanced SystemCare IObit
MD5:	0891d36dd26059e8a74ada84fd9885e5
Size:	5 MB
First Published:	2024-07-19 23:01:05 (7 months ago)
Latest Published:	2024-07-20 23:02:47 (7 months ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2024-07-20 23:02:47 (7 months ago)

Overview

Digital Signature

Signed By:	REINVENTING MULTI-CORE ARCHITECTURE UP TO INTEL® CORE™ I7-12650H PROCESSOR
Status:	Valid

Common Places:

%localappdata%\microsoft\windows\temporary internet files\content.ie5

%mydoc%

%mydoc%

%sysdrive%\filehistory\emy\desktop-ief3t1s\data\c\users\emy\documents

Geography:

	50.0%
	25.0%
	25.0%

OS Version:

Windows 10	75.0%
Windows 7	25.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00507cce

PE Sections:

Name	Size of data	MD5
.text	5266944	5f69f22e6fd187734b15fc12be01367e
.sdata	1024	67650e91a3f1e5e9bb1c8948098de676
.rsrc	161280	ba362e8d6f7dd7072e861b36fb60a5bc
.reloc	512	243838aa56f77c9b3e3b9e8598b6a156

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for 6698c0ab59e68_aerosoft[1].exe

copyright for information about 6698c0ab59e68_aerosoft[1].exe