How to remove ctcmdset.exe
- File Details
- Overview
- Analysis
ctcmdset.exe
The module ctcmdset.exe has been detected as Ransom.Exp
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
bf4487cc2d617401b38f116e830aad86 |
| Size: |
1 MB |
| First Published: |
2021-01-05 10:39:28 (4 years ago) |
| Latest Published: |
2021-01-10 00:33:52 (4 years ago) |
| Status: |
Ransom.Exp (on last analysis) |
|
| Analysis Date: |
2021-01-10 00:33:52 (4 years ago) |
| %desktop%\dbfilesfromrecyc\schuyler\faircom\win32\tools\cmdline\admin |
| %sysdrive%\schuyler\faircom\win32\tools\cmdline\admin |
| %desktop%\dbfilesfromrecyc\schuyler\faircom\win32\tools\cmdline\admin |
| %sysdrive%\schuyler\faircom\win32\tools\cmdline\admin |
| %desktop%\dbfilesfromrecyc\schuyler\faircom\win32\tools\cmdline\admin |
| %sysdrive%\schuyler\faircom\win32\tools\cmdline\admin |
| Windows Server 2016 |
100.0% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000bed78 |
| Name |
Size of data |
MD5 |
| .text |
1177600 |
081429cf793c7b44c6c41f8265289d8e |
| .rdata |
79360 |
a55c29548a6242864934a14aeb69208c |
| .data |
96768 |
36be1c24c773fea48e22f9a971d93cde |
| .idata |
4608 |
703f9e848a764d6c871a3201641da38c |
| .rsrc |
2048 |
eee461c126a26f949684d0eb520a1b35 |
| .reloc |
30720 |
d7a4b583e17188a87ca91e4bd9e497e6 |
