How to remove QczZRZGIBxBxWBOCMRVplK0s.exe

» File
File Details
Overview
Analysis

QczZRZGIBxBxWBOCMRVplK0s.exe

The module QczZRZGIBxBxWBOCMRVplK0s.exe has been detected as Ransom.Sabsik

QczZRZGIBxBxWBOCMRVplK0s.exe

Remove QczZRZGIBxBxWBOCMRVp

File Details

Main Info:

Product Name:	InTouch
Company Name:	Schneider Electric Software, LLC.
MD5:	0280313f1615b19671760a7973462afa
Size:	3 MB
First Published:	2024-02-14 23:28:28 (a year ago)
Latest Published:	2024-02-14 23:28:28 (a year ago)

Analysis:

Status:	Ransom.Sabsik (on last analysis)
Analysis Date:	2024-02-14 23:28:28 (a year ago)

Common Places:

%mydoc%

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x005dfa20

PE Sections:

Name	Size of data	MD5
	84992	5721144392c6f702894ca7c3dee3fdc5
	120832	6e6ab298be7a9687f069b6e07a119f02
	512	9f81abae6ae284c68a7ed18af4cd06fa
.idata	512	e26f8b331243038cda7507c093d7348f
.rsrc	3584	20f2359c0bda34544ad556ffabc9220b
.themida	0	d41d8cd98f00b204e9800998ecf8427e
.boot	2987008	995b2a1ce08ec2faedfe4255f8c5ca8a

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for QczZRZGIBxBxWBOCMRVplK0s.exe

copyright for information about QczZRZGIBxBxWBOCMRVplK0s.exe