How to remove PECMD.exe
PECMD.exe
The module PECMD.exe has been detected as Ransom.Wacatac
File Details
| Product Name: | PECMD |
| Company Name: | DSystem |
| MD5: | d2bfc32100b2c74a33048f7a1a9b3557 |
| Size: | 430 KB |
| First Published: | 2025-01-06 23:00:49 (10 months ago) |
| Latest Published: | 2025-01-06 23:00:49 (10 months ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2025-01-06 23:00:49 (10 months ago) |
Common Places:
| %sysdrive%\downloads\programs\7upv64m\7upv64m\bin\menux86\windows |
| %sysdrive%\downloads\programs\7upv64m\7upv64m |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000c82db |
PE Sections:
| Name | Size of data | MD5 |
| .MPRESS1 | 416256 | f9a804d02f6a1c39785e2107b14d8700 |
| .MPRESS2 | 4096 | 099961f91060848b68fa63d2dc6416d2 |
| .rsrc | 19968 | 4c1ce47248ec9b738271b6f6e6309819 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for PECMD.exe
