How to remove c4lU2tTkGfHzkR8Xm2Zmn17v.exe

c4lU2tTkGfHzkR8Xm2Zmn17v.exe

The module c4lU2tTkGfHzkR8Xm2Zmn17v.exe has been detected as Ransom.STOP

c4lU2tTkGfHzkR8Xm2Zmn17v.exe
Remove c4lU2tTkGfHzkR8Xm2Zm

File Details

Product Name:

Pircuzar
MD5: bf00be9c3617c18a3e603034d20c24e7
Size: 461 KB
First Published: 2024-03-18 23:02:21 (2 years ago)
Latest Published: 2024-03-18 23:02:26 (2 years ago)
Status: Ransom.STOP (on last analysis)
Analysis Date: 2024-03-18 23:02:26 (2 years ago)

Common Places:

%profile%
%sysdrive%\windows.old\users\ik10\appdata
%profile%
%profile%
%profile%
%sysdrive%\windows.old\users\ik10\appdata
%sysdrive%\windows.old\users\ik10\appdata
%profile%
%sysdrive%\windows.old\users\ik10\appdata
%profile%

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00004028

PE Sections:

Name Size of data MD5
.text 61952 26fb78c804809bfbe3c4c61985883c56
.rdata 35328 9ef44e184b037143a94ba60a6d4cf308
.data 303104 951f90101d3d35bcb4e97f7a32a499e9
.rsrc 70656 eb8fa7feb32885702afa9f1b058adbbf

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for c4lU2tTkGfHzkR8Xm2Zmn17v.exe
copyright for information about c4lU2tTkGfHzkR8Xm2Zmn17v.exe