How to remove RecorderHD64.dll

» File
File Details
Overview
Analysis

RecorderHD64.dll

The module RecorderHD64.dll has been detected as Ransom.Wacatac

RecorderHD64.dll

Remove RecorderHD64.dll

File Details

Main Info:

MD5:	0fd10af1971a2ad2196ffcd240cf4c12
Size:	7 MB
First Published:	2020-02-18 00:31:22 (5 years ago)
Latest Published:	2021-01-12 21:48:57 (4 years ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2021-01-12 21:48:57 (4 years ago)

Common Places:

%programfiles%

%sysdrive%\programy

%programfiles%\burning

%programfiles%

%desktop%

%sysdrive%\$recycle.bin

%programfiles%

%programfiles%

%programfiles%

%programfiles%

Geography:

	34.4%
	15.6%
	12.5%
	9.4%
	6.3%
	3.1%
	3.1%
	3.1%
	3.1%
	3.1%
	3.1%
	3.1%

OS Version:

Windows 10	90.6%
Windows 7	6.3%
Windows 8.1	3.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000180000000
Entry Address:	0x00648ea2

PE Sections:

Name	Size of data	MD5
.text	1719808	f048fcfd2683f2494ef4c062d03e367e
.rdata	937472	17a939e703ddefdd40e90825648d0f8c
.data	66048	b14792bb123631e65e35d6b36dcec71d
.pdata	91136	e6ff9ad15eed718b1c6ff89b2ee90374
.detourc	8704	2d724343ef49c9a4e9e308df4ec4919e
.detourd	512	083338860205efcc4d20e102cfe79c12
__CV0	3123200	07c597b53f553590ea29d824f4b80bcd
__CV1	2178048	9a18a435a522f60f0348fc7ece6bdfeb
.reloc	25600	3e4b8ff64393f67aeb00cb68eaf6f4ce
.rsrc	512	244426d0d287954055f91757848a3301

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for RecorderHD64.dll

copyright for information about RecorderHD64.dll