How to remove eaNwoYaBKQ[1].exe

» File
File Details
Overview
Analysis

eaNwoYaBKQ[1].exe

The module eaNwoYaBKQ[1].exe has been detected as Ransom.STOP

eaNwoYaBKQ[1].exe

Remove eaNwoYaBKQ[1].exe

File Details

Main Info:

Company Name:	Torchok
MD5:	877fe4875a030e894a5bb8b11b0dbe43
Size:	184 KB
First Published:	2024-04-06 23:01:29 (2 years ago)
Latest Published:	2024-04-06 23:01:29 (2 years ago)

Analysis:

Status:	Ransom.STOP (on last analysis)
Analysis Date:	2024-04-06 23:01:29 (2 years ago)

Common Places:

%sysdrive%\system volume information\systemrestore\frstaging\users\helena\appdata\local\microsoft\windows\temporary internet files\content.ie5

Geography:

100.0%

OS Version:

Windows 7

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0000143e

PE Sections:

Name	Size of data	MD5
.text	132608	a4c93c24fb6966d04eac3f714c067f72
.rdata	11264	33df6e1caf857082338bfb258b638e5e
.data	11264	9638f0ded6c419db5ae17247d26cf256
.rsrc	32256	4a5776de65b013ffc6067aa424e77264

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for eaNwoYaBKQ[1].exe

copyright for information about eaNwoYaBKQ[1].exe