How to remove Windows.exe
- File Details
- Overview
- Analysis
Windows.exe
The module Windows.exe has been detected as Ransom.Sabsik
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
c74a54611729be7c00a42b47d4d41e00 |
| Size: |
3 MB |
| First Published: |
2021-08-27 20:39:45 (4 years ago) |
| Latest Published: |
2021-08-27 20:44:14 (4 years ago) |
| Status: |
Ransom.Sabsik (on last analysis) |
|
| Analysis Date: |
2021-08-27 20:44:14 (4 years ago) |
Overview
| Signed By: |
Corel Corporation |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x005016f8 |
| Name |
Size of data |
MD5 |
| |
95744 |
ee233533b1ab15798e44d7fa43b5a430 |
| |
2048 |
d660634c06ba3714d09dcb9706492815 |
| |
38912 |
3a13b4be116c2b1779fa7904c1836ff8 |
| |
512 |
5a3db0edb88c0c34caa3f840a9a4d344 |
| .idata |
512 |
c81c57f3ee4245218cd3f31874cc6973 |
| 800-850 |
94720 |
94c36adab9ea5d9a3c53cf7c656b97d2 |
| .themida |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .boot |
2989568 |
e04e6fd525d75147cda63c3be5cc3d5a |
| 800-850 |
2560 |
cb5c99eceb4c6e53e8f5a5f38ff8c69b |
| .rsrc |
104448 |
f2aa1a5a1bf666d0c8f57e638f31b9f7 |