How to remove Windows.exe
- File Details
- Overview
- Analysis
Windows.exe
The module Windows.exe has been detected as Ransom.Sabsik
File Details
Product Name: |
|
Company Name: |
|
MD5: |
c74a54611729be7c00a42b47d4d41e00 |
Size: |
3 MB |
First Published: |
2021-08-27 20:39:45 (4 years ago) |
Latest Published: |
2021-08-27 20:44:14 (4 years ago) |
Status: |
Ransom.Sabsik (on last analysis) |
|
Analysis Date: |
2021-08-27 20:44:14 (4 years ago) |
Overview
Signed By: |
Corel Corporation |
Status: |
Invalid (digital signature could be stolen or file could be patched) |
Analysis
Subsystem: |
Windows CUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x005016f8 |
Name |
Size of data |
MD5 |
|
95744 |
ee233533b1ab15798e44d7fa43b5a430 |
|
2048 |
d660634c06ba3714d09dcb9706492815 |
|
38912 |
3a13b4be116c2b1779fa7904c1836ff8 |
|
512 |
5a3db0edb88c0c34caa3f840a9a4d344 |
.idata |
512 |
c81c57f3ee4245218cd3f31874cc6973 |
800-850 |
94720 |
94c36adab9ea5d9a3c53cf7c656b97d2 |
.themida |
0 |
d41d8cd98f00b204e9800998ecf8427e |
.boot |
2989568 |
e04e6fd525d75147cda63c3be5cc3d5a |
800-850 |
2560 |
cb5c99eceb4c6e53e8f5a5f38ff8c69b |
.rsrc |
104448 |
f2aa1a5a1bf666d0c8f57e638f31b9f7 |