How to remove RuntimeBroker.exe

RuntimeBroker.exe

The module RuntimeBroker.exe has been detected as Ransom.Wacatac

RuntimeBroker.exe
Remove RuntimeBroker.exe

File Details

Product Name:

RuntimeBroker
Company Name:

Microsoft® Windows® Operating System
MD5: d2ca6f5fb6520e5160d7e99079c5d287
Size: 68 KB
First Published: 2022-08-26 23:56:10 (3 years ago)
Latest Published: 2022-08-26 23:56:10 (3 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2022-08-26 23:56:10 (3 years ago)

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0001235e

PE Sections:

Name Size of data MD5
.text 66560 bdf5129d9739d3d595b2b5389aacbcc3
.rsrc 2048 7bc9d8e002aff594cb0131f0f9a87436
.reloc 512 56e4f0dc06ffb41e89449c841925e895

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for RuntimeBroker.exe
copyright for information about RuntimeBroker.exe