How to remove bb2022b1956fbee04f28c0dfd80e7c6c.exe
- File Details
- Overview
- Analysis
bb2022b1956fbee04f28c0dfd80e7c6c.exe
The module bb2022b1956fbee04f28c0dfd80e7c6c.exe has been detected as Ransom.Injector
File Details
| MD5: |
bb2022b1956fbee04f28c0dfd80e7c6c |
| Size: |
160 KB |
| First Published: |
2017-05-28 20:10:20 (7 years ago) |
| Latest Published: |
2018-01-04 09:01:21 (7 years ago) |
| Status: |
Ransom.Injector (on last analysis) |
|
| Analysis Date: |
2018-01-04 09:01:21 (7 years ago) |
| %programfiles%\kmspico 10.2.1 final |
| %localappdata% |
| %programfiles% |
| Armenia |
50.0% |
|
| China |
50.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000030b6 |
| Name |
Size of data |
MD5 |
| .text |
23552 |
71ecbec9470d0e846ce5d68f3bbdbddf |
| .rdata |
4608 |
640f709ec19b4ed0455a4c64e5934d5e |
| .data |
1024 |
bc7151fcf37fc84430446d29785eaf5d |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
23552 |
b6366b112ad06ce3e13f8f399dd15db0 |
