How to remove Windows.exe

» File
File Details
Overview
Analysis

Windows.exe

The module Windows.exe has been detected as Ransom.Sabsik

Windows.exe

Remove Windows.exe

File Details

Main Info:

Product Name:	Realtek HD Auido Update and remove driver Tool
Company Name:	Realtek Semiconductor Corp.
MD5:	c74a54611729be7c00a42b47d4d41e00
Size:	3 MB
First Published:	2021-08-27 20:39:45 (4 years ago)
Latest Published:	2021-08-27 20:44:14 (4 years ago)

Analysis:

Status:	Ransom.Sabsik (on last analysis)
Analysis Date:	2021-08-27 20:44:14 (4 years ago)

Overview

Digital Signature

Signed By:	Corel Corporation
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%temp%

%temp%

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x005016f8

PE Sections:

Name	Size of data	MD5
	95744	ee233533b1ab15798e44d7fa43b5a430
	2048	d660634c06ba3714d09dcb9706492815
	38912	3a13b4be116c2b1779fa7904c1836ff8
	512	5a3db0edb88c0c34caa3f840a9a4d344
.idata	512	c81c57f3ee4245218cd3f31874cc6973
800-850	94720	94c36adab9ea5d9a3c53cf7c656b97d2
.themida	0	d41d8cd98f00b204e9800998ecf8427e
.boot	2989568	e04e6fd525d75147cda63c3be5cc3d5a
800-850	2560	cb5c99eceb4c6e53e8f5a5f38ff8c69b
.rsrc	104448	f2aa1a5a1bf666d0c8f57e638f31b9f7

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for Windows.exe

copyright for information about Windows.exe