How to remove WM0o0kOt8w[1].exe

» File
File Details
Overview
Analysis

WM0o0kOt8w[1].exe

The module WM0o0kOt8w[1].exe has been detected as Backdoor.Tofsee

WM0o0kOt8w[1].exe

Remove WM0o0kOt8w[1].exe

File Details

Main Info:

Product Name:	Porezotaga
MD5:	828c8d3f71eec315a17f1e9766079c90
Size:	240 KB
First Published:	2024-07-20 23:04:29 (a year ago)
Latest Published:	2024-07-20 23:04:29 (a year ago)

Analysis:

Status:	Backdoor.Tofsee (on last analysis)
Analysis Date:	2024-07-20 23:04:29 (a year ago)

Common Places:

%localappdata%\microsoft\windows\inetcache\ie

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00004dc5

PE Sections:

Name	Size of data	MD5
.text	148992	16b7d3c32eddcb2c4bb8af3f3a5bcc14
.rdata	20480	876ce8905b847ceece8a89cfe940a244
.data	48128	30e2fe42bd97bac66519aadb1e4af644
.pujufi	1024	0f343b0931126a20f133d67c2b018a3b
.vife	6656	3c63825015aabd810674f44afac6d12b
.badomi	1024	0f343b0931126a20f133d67c2b018a3b
.rsrc	18944	537994c66e5d1df88fb7962313d310f1

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for WM0o0kOt8w[1].exe

copyright for information about WM0o0kOt8w[1].exe