How to remove EFfI.dll

EFfI.dll

The module EFfI.dll has been detected as Ransom.Wacatac

EFfI.dll
Remove EFfI.dll

File Details

Product Name:

EFfI
Company Name:

©kms
MD5: 6be003956d0ac8b51cd491fbbb275671
Size: 19 MB
First Published: 2020-07-21 03:16:19 (4 years ago)
Latest Published: 2025-04-02 23:01:23 (2 months ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2025-04-02 23:01:23 (2 months ago)

Common Places:

%sysdrive%
%desktop%\fait inno off\allimmo\all_immo_programs
%profile%\videos\desktop\ملفات المحل\مجلد جديد\effi
%desktop%\im
%sysdrive%\gift all off\immo off pin software + archivos\effi zedbull v2.7.2\effi zedbull v2.7.2.rar

Geography:

20.0%
20.0%
20.0%
20.0%
20.0%

OS Version:

Windows 7 40.0%
Windows 10 40.0%
Windows 8.1 20.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x020f1cba

PE Sections:

Name Size of data MD5
.text 4055796 f88b654eb1ac97e80f09a10723c3d749
.itext 11672 e16ef4e0959ba2d9339f34deb24116be
.data 240916 bff3be380abc485ad8eb9b6c9227e34f
.bss 348592 97b61a43dd1b759bdae2dfa6c6e60efb
.idata 17200 9d716feee0679b3ae767e78f69b582db
.didata 1104 19e59b44356b8283d32d9f951f7b072a
.tls 72 ac3b5a19643ee5816a1df17f2fadaae3
.rdata 24 96849b22496360746f71a42de3a278b4
.UPX0 7350599 4bd0c3ee94147b4146d1fc6015fcca13
.UPX1 8409701 4ef827a2d70419204cdf36fb3b21954c
.rsrc 11566 2dc49efb7f85c8379fd5be1fc59c0e22
IAT_SEC_ 85400 c2dd0e44d0c20da71a43de5bc3c112c7
LOCAL_AD 512 25291f6c8ac013f64712a163826a427c
HEAP_AD_ 28672 0cdd2eeaef54e80fa8708db673ec9e52
RES_AD_R 40960 d6a2c8272372c989db4c123e5a1196ed

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for EFfI.dll
copyright for information about EFfI.dll