How to remove Wahyzhaecudi.exe

Wahyzhaecudi.exe

The module Wahyzhaecudi.exe has been detected as Ransom.Wacatac

Wahyzhaecudi.exe
Remove Wahyzhaecudi.exe

File Details

Product Name:

burpsuite_security_software
Company Name:

burpsuite_security_software
MD5: fc63da4794ca5c3e39d7550952ba4f89
Size: 424 KB
First Published: 2022-06-08 23:05:16 (3 years ago)
Latest Published: 2022-06-12 23:44:08 (3 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2022-06-12 23:44:08 (3 years ago)

Common Places:

%sysdrive%\$recycle.bin\s-1-5-21-2670754273-1329201681-2934943714-1001
%sysdrive%\system volume information\systemrestore\frstaging\users\soporte tecnico\appdata\local\temp
%temp%
%temp%

Geography:

50.0%
25.0%
25.0%

OS Version:

Windows 10 75.0%
Windows 7 25.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000685de

.NET Info:

MVID: c02c8661-c09d-4b53-9bfc-82b3aac64c8c
Typelib ID: e095d7d0-9bc7-4511-8254-b7d88498f374

PE Sections:

Name Size of data MD5
.text 419328 85b4e4dab6e2c87343446451a974d107
.sdata 1024 e5db23a1c0fbe01b0f3f847a5a519f20
.rsrc 12288 127223cb9133e041342b1c88250f01ac
.reloc 512 4ff8b2ab677f695c0a4b5f83062585a4

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for Wahyzhaecudi.exe
copyright for information about Wahyzhaecudi.exe