How to remove c6tQ_sIx5BlgbJymrfjg0sO3.exe

c6tQ_sIx5BlgbJymrfjg0sO3.exe

The module c6tQ_sIx5BlgbJymrfjg0sO3.exe has been detected as Ransom.Sabsik

c6tQ_sIx5BlgbJymrfjg0sO3.exe
Remove c6tQ_sIx5BlgbJymrfjg

File Details

Product Name:

Application
Company Name:

Schneider Electric SE
MD5: 71e343c2f2889f05d14fb924ffa3a2c2
Size: 255 KB
First Published: 2023-06-16 23:23:34 (2 years ago)
Latest Published: 2023-06-16 23:23:34 (2 years ago)
Status: Ransom.Sabsik (on last analysis)
Analysis Date: 2023-06-16 23:23:34 (2 years ago)

Overview

Signed By: Wondershare Technology Group Co.,Ltd
Status: Invalid (digital signature could be stolen or file could be patched)

Common Places:

%profile%\pictures

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000055e0

PE Sections:

Name Size of data MD5
.text 45568 20454481eba84ab372420f8188d2327d
.rdata 11776 3b2af4fd88372a2f3fb55ef3ada75500
.data 180224 ef23febde2f8f6c509ca12993f603f35
.rsrc 1536 4fc33441422508e0a077a3e0106799fb

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for c6tQ_sIx5BlgbJymrfjg0sO3.exe
copyright for information about c6tQ_sIx5BlgbJymrfjg0sO3.exe