How to remove ChangeIcon.exe
- File Details
- Overview
- Analysis
ChangeIcon.exe
The module ChangeIcon.exe has been detected as Ransom.Wacatac
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
5aa48c5c2b14ed0fc1938e368fd51b4a |
| Size: |
216 KB |
| First Published: |
2024-05-11 23:01:01 (2 years ago) |
| Latest Published: |
2024-10-18 23:01:59 (a year ago) |
| Status: |
Ransom.Wacatac (on last analysis) |
|
| Analysis Date: |
2024-10-18 23:01:59 (a year ago) |
Overview
| Signed By: |
IObit CO., LTD |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %profile%\downloads\morphs_installs_april_2024-teamos\morphs_installs_april_2024-teamos\installs\ntlite\iobitdriverboosterportable.exe\iobit driver booster pro 11.4.0.60 portable\app |
| %programfiles%\iobit\driver booster |
| %profile%\downloads\new folder\iobit.driver.booster.pro.11.5.0.85\portable\app |
| %programfiles%\iobit\driver booster |
| %profile%\downloads\iobit driver booster pro portable\driverboosterportable_11.5.0.83\app |
| %programfiles%\iobit\driver booster |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0002341c |
| Name |
Size of data |
MD5 |
| .text |
137216 |
a9ab2fc3d7d7a8ee0d78fdc15fdaf5c6 |
| .itext |
1536 |
6585e9ad33eba6306a5bf327af08b0f6 |
| .data |
4096 |
16c1b051106e21c97ba69d1867ddb55a |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
4096 |
a5f99af949978e1c1d5e2d601c056a11 |
| .tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .rdata |
512 |
d69f63dcb87e5e70d2ae8bf46ba5be56 |
| .reloc |
10752 |
72bb6b0ba1e01cdd83891b171e50be11 |
| .rsrc |
43520 |
2bd3f438d4bd0e341f000ff729706ab7 |
