How to remove PRSBCOTdjAWwaIJueTCoIsTB.exe

» File
File Details
Overview
Analysis

PRSBCOTdjAWwaIJueTCoIsTB.exe

The module PRSBCOTdjAWwaIJueTCoIsTB.exe has been detected as Ransom.Wacatac

PRSBCOTdjAWwaIJueTCoIsTB.exe

Remove PRSBCOTdjAWwaIJueTCo

File Details

Main Info:

MD5:	889b577a16bab0dc5d8a08a6600a8aac
Size:	4 MB
First Published:	2023-11-28 23:05:10 (2 years ago)
Latest Published:	2023-11-28 23:05:10 (2 years ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2023-11-28 23:05:10 (2 years ago)

Overview

Digital Signature

Signed By:	AMD Ryzen 7 5800X -- Vermeer
Status:	Valid

Common Places:

%profile%\pictures

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0074def0

PE Sections:

Name	Size of data	MD5
	84992	aaefb28074b1964844891cc4167c62c6
	57344	b03f40ac0e345437184cccb330f7be75
	512	86f2a241820520f9392b027bf842e818
.idata	512	60355f6e3c1b94e17825c8067701a07f
.rsrc	7680	5a46869c28779f6f5d8b11f46a1fe282
.themida	0	d41d8cd98f00b204e9800998ecf8427e
.boot	4080640	fdc19e2a1941ecebd3c786ab213a1ba5

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for PRSBCOTdjAWwaIJueTCoIsTB.exe

copyright for information about PRSBCOTdjAWwaIJueTCoIsTB.exe