How to remove Sym.exe
Sym.exe
The module Sym.exe has been detected as Ransom.Wacatac
File Details
| Product Name: | Sysinternals autoruns |
| Company Name: | Sysinternals - www.sysinternals.com |
| MD5: | 6b1902daab9b73ac59e07bc95e617ede |
| Size: | 755 KB |
| First Published: | 2022-05-29 23:02:38 (3 years ago) |
| Latest Published: | 2022-05-29 23:02:38 (3 years ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2022-05-29 23:02:38 (3 years ago) |
Common Places:
| %sysdrive% |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000000400000 |
| Entry Address: | 0x000014d0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 461824 | 6d2b548312df741613758e9f6cb98594 |
| .data | 86528 | b33230f22b3fd38f00dc301f960930b8 |
| .rdata | 50176 | 2378ee66cd92f8467407f9d475c34cbe |
| .pdata | 30208 | ff6e9b00df440d2bf9d9c75610929320 |
| .xdata | 40960 | 3aca1473331c0031aaa316c58dc31778 |
| .bss | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .idata | 5632 | b454e56f9918e6926f801afc8a0ab05f |
| .CRT | 512 | d798e3f7aec29387b60bbef6f57082da |
| .tls | 512 | 7189e618785eebef04fec2668054f76b |
| .rsrc | 96256 | 06973f8ce3b67c487302c01cd4094273 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for Sym.exe
