How to remove cttrnmod.exe
- File Details
- Overview
- Analysis
cttrnmod.exe
The module cttrnmod.exe has been detected as Ransom.Exp
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
28f85e4a7a778d75426eafe4a275f35d |
| Size: |
1 MB |
| First Published: |
2021-01-05 10:37:00 (4 years ago) |
| Latest Published: |
2021-01-10 00:31:37 (4 years ago) |
| Status: |
Ransom.Exp (on last analysis) |
|
| Analysis Date: |
2021-01-10 00:31:37 (4 years ago) |
| %desktop%\dbfilesfromrecyc\schuyler\faircom\win32\tools\cmdline\admin |
| %sysdrive%\schuyler\faircom\win32\tools\cmdline\admin |
| %desktop%\dbfilesfromrecyc\schuyler\faircom\win32\tools\cmdline\admin |
| %sysdrive%\schuyler\faircom\win32\tools\cmdline\admin |
| %desktop%\dbfilesfromrecyc\schuyler\faircom\win32\tools\cmdline\admin |
| %sysdrive%\schuyler\faircom\win32\tools\cmdline\admin |
| Windows Server 2016 |
100.0% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000c0aaf |
| Name |
Size of data |
MD5 |
| .text |
1183232 |
b54262ba4d373b3061982a4c9431cfd4 |
| .rdata |
79360 |
6f964564ed287b1e1cf1e0afcbe27051 |
| .data |
101376 |
f0cfdeb0509f95abe081a62c57afd763 |
| .idata |
4608 |
03edd959ef35658690eb3809b62b7712 |
| .rsrc |
2048 |
9cfa2cc7e95e71169614b7fb9c8398ee |
| .reloc |
31232 |
9c6dc004e687c6a446c2a9bd9136679c |
