How to remove RFTQJiBhqeeeVEzfKw_tK3Ws.exe

RFTQJiBhqeeeVEzfKw_tK3Ws.exe

The module RFTQJiBhqeeeVEzfKw_tK3Ws.exe has been detected as Ransom.Wacatac

RFTQJiBhqeeeVEzfKw_tK3Ws.exe
Remove RFTQJiBhqeeeVEzfKw_t

File Details

Product Name:

VH Video SDK
Company Name:

SplitmediaLabs Limited
MD5: 55e9cfd2fe4b28e97d3f43b9da3070f4
Size: 2 MB
First Published: 2021-10-31 21:15:22 (4 years ago)
Latest Published: 2021-10-31 21:24:05 (4 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2021-10-31 21:24:05 (4 years ago)

Common Places:

%sysdrive%\sistema\imagenes
%sysdrive%\sistema\imagenes

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00476ec8

PE Sections:

Name Size of data MD5
102912 fc71deb4c34110baf642c04b2a1ed867
xZNxM7F* 348160 a7b59dd7e3b5876cfc43fa73819f8d30
512 177a79d5a12e74036bb0e5be7789555e
.idata 512 c320f0e8f2ee037689b1f85f0071f560
.themida 0 d41d8cd98f00b204e9800998ecf8427e
.boot 2291200 fa634efcf02078af172b1095e7bee41b
xZNxM7F* 3584 793c430763cd76d94e25a52508f6f442
.rsrc 388096 79c82e5f9d9faaaf9c976d32e7066037

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for RFTQJiBhqeeeVEzfKw_tK3Ws.exe
copyright for information about RFTQJiBhqeeeVEzfKw_tK3Ws.exe