How to remove EgisInitialWmiEnv.exe

EgisInitialWmiEnv.exe

The module EgisInitialWmiEnv.exe has been detected as Ransom.Exp

EgisInitialWmiEnv.exe
Remove EgisInitialWmiEnv.ex

File Details

Product Name:

ProShield
Company Name:

Egis Technology Inc.

MD5: b3f9b86ac88298df104c24f749ea44aa
Size: 184 KB
First Published: 2020-09-21 10:34:34 (5 years ago)
Latest Published: 2023-05-24 23:26:37 (2 years ago)
Status: Ransom.Exp (on last analysis)
Analysis Date: 2023-05-24 23:26:37 (2 years ago)

Common Places:

%programfiles%\windowsapps
%programfiles%\windowsapps
%programfiles%\windowsapps
%programfiles%\windowsapps
%programfiles%\windowsapps
%programfiles%\windowsapps
%programfiles%\windowsapps

Geography:

28.6%
14.3%
14.3%
14.3%
14.3%
14.3%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00006d10

PE Sections:

Name Size of data MD5
.text 88576 f229b576951f7b010e0f95b2df0914d7
.rdata 16896 d872d27b2bf0049c815c4a0cf0dd6dd0
.data 5632 7c8547eb5e3bbbdcc00ab0e89403744b
.rsrc 68608 b2cd8d5489c4cf6458370ec25d322193
.reloc 8192 1ce11bd6b0c7d95d10dd6efc7753a0b4

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for EgisInitialWmiEnv.exe
copyright for information about EgisInitialWmiEnv.exe