How to remove Thu09a7373d6d.exe
- File Details
- Overview
- Analysis
Thu09a7373d6d.exe
The module Thu09a7373d6d.exe has been detected as Ransom.Sabsik
File Details
Product Name: |
|
Company Name: |
|
MD5: |
557ee240b0fb69b1483b663a7e82a3a0 |
Size: |
379 KB |
First Published: |
2021-11-11 21:20:15 (3 years ago) |
Latest Published: |
2021-12-14 21:49:30 (3 years ago) |
Status: |
Ransom.Sabsik (on last analysis) |
|
Analysis Date: |
2021-12-14 21:49:30 (3 years ago) |
%temp% |
%sysdrive%\$recycle.bin\s-1-5-21-3348407136-705583555-1943991204-1001 |
%temp% |
%sysdrive%\windows.old\users\dct\appdata\local\temp |
Windows 10 |
75.0% |
|
Windows 7 |
25.0% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0000a5f8 |
Name |
Size of data |
MD5 |
CODE |
40448 |
c3bd95c4b1a8e5199981e0d9b45fd18c |
DATA |
1024 |
1ee71d84f1c77af85f1f5c278f880572 |
BSS |
0 |
d41d8cd98f00b204e9800998ecf8427e |
.idata |
2560 |
bb5485bf968b970e5ea81292af2acdba |
.tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
.rdata |
512 |
9ba824905bf9c7922b6fc87a38b74366 |
.reloc |
0 |
d41d8cd98f00b204e9800998ecf8427e |
.rsrc |
11264 |
68302b9dff25ff6db52b1b0f4782979e |