How to remove aaAdminUser.exe
- File Details
- Overview
- Analysis
aaAdminUser.exe
The module aaAdminUser.exe has been detected as Ransom.Wacatac
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
07b96f48e2623272be94a093d8d591a0 |
| Size: |
76 KB |
| First Published: |
2023-04-08 23:14:38 (2 years ago) |
| Latest Published: |
2023-12-07 23:51:54 (2 years ago) |
| Status: |
Ransom.Wacatac (on last analysis) |
|
| Analysis Date: |
2023-12-07 23:51:54 (2 years ago) |
| %sysdrive%\marcelo backup\i\wonderware\intouch 10\common files |
| %commondir% |
| %sysdrive%\electricite\_automatisme\supervision\intouch\wonderware device integration\mitsu\dasmtfxserial\common files |
| Windows 10 |
66.7% |
|
| Windows Server 2012 |
33.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00006538 |
| Name |
Size of data |
MD5 |
| .text |
24576 |
85f298659ff457ffea9465430081bf48 |
| .rdata |
12288 |
c57fbd08504c672d73bac7edb039d5fb |
| .data |
4096 |
4c86c302010764fb77f02d05db1b016e |
| .rsrc |
28672 |
490baae2edf5723734efdf7e4572f4e1 |
| .reloc |
4096 |
6d47cce74780046d9799d6e833c7f765 |
