How to remove cleanup.exe
- File Details
- Overview
- Analysis
cleanup.exe
The module cleanup.exe has been detected as Ransom.Wacatac
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
ea89a9318342a267df7a06b1168353b7 |
| Size: |
316 KB |
| First Published: |
2017-07-04 21:09:46 (7 years ago) |
| Latest Published: |
2025-01-13 23:01:09 (a month ago) |
| Status: |
Ransom.Wacatac (on last analysis) |
|
| Analysis Date: |
2025-01-13 23:01:09 (a month ago) |
| %profile%\desktop |
| %desktop% |
| %desktop% |
| %desktop% |
| %desktop% |
| %sysdrive% |
|
68.8% |
|
|
12.5% |
|
|
6.3% |
|
|
6.3% |
|
|
6.3% |
|
| Windows 7 |
56.3% |
|
| Windows Server 2008 R2 |
25.0% |
|
| Windows 10 |
12.5% |
|
| Windows 8.1 |
6.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00012879 |
| Name |
Size of data |
MD5 |
| .text |
188416 |
81d9d1131f778fc492f93c2b73c3361c |
| .rdata |
45056 |
1ab8bd8f74250da1239ceb4acc158390 |
| .data |
16384 |
74b5fd35c7edf01f92d01e345253d3ee |
| .rsrc |
69632 |
7246c4bca3aeb28161fac9e9792b6ebc |
