How to remove Thu09a7373d6d.exe

Thu09a7373d6d.exe

The module Thu09a7373d6d.exe has been detected as Ransom.Sabsik

Thu09a7373d6d.exe
Remove Thu09a7373d6d.exe

File Details

Product Name:

FarLabUninstaller.exe

Company Name:

FarLabUninstaller soft

MD5: 557ee240b0fb69b1483b663a7e82a3a0
Size: 379 KB
First Published: 2021-11-11 21:20:15 (3 years ago)
Latest Published: 2021-12-14 21:49:30 (3 years ago)
Status: Ransom.Sabsik (on last analysis)
Analysis Date: 2021-12-14 21:49:30 (3 years ago)

Common Places:

%temp%
%sysdrive%\$recycle.bin\s-1-5-21-3348407136-705583555-1943991204-1001
%temp%
%sysdrive%\windows.old\users\dct\appdata\local\temp

Geography:

50.0%
25.0%
25.0%

OS Version:

Windows 10 75.0%
Windows 7 25.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000a5f8

PE Sections:

Name Size of data MD5
CODE 40448 c3bd95c4b1a8e5199981e0d9b45fd18c
DATA 1024 1ee71d84f1c77af85f1f5c278f880572
BSS 0 d41d8cd98f00b204e9800998ecf8427e
.idata 2560 bb5485bf968b970e5ea81292af2acdba
.tls 0 d41d8cd98f00b204e9800998ecf8427e
.rdata 512 9ba824905bf9c7922b6fc87a38b74366
.reloc 0 d41d8cd98f00b204e9800998ecf8427e
.rsrc 11264 68302b9dff25ff6db52b1b0f4782979e

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for Thu09a7373d6d.exe
copyright for information about Thu09a7373d6d.exe