How to remove explorer.exe
- File Details
- Overview
- Analysis
explorer.exe
The module explorer.exe has been detected as Ransom.Bladabindi
File Details
Product Name: |
|
Company Name: |
|
MD5: |
fdba80a556cada3d7e2b5df86d1948a5 |
Size: |
208 KB |
First Published: |
2023-03-23 23:45:59 (2 years ago) |
Latest Published: |
2023-03-23 23:46:18 (2 years ago) |
Status: |
Ransom.Bladabindi (on last analysis) |
|
Analysis Date: |
2023-03-23 23:46:18 (2 years ago) |
%appdata%\microsoft |
%appdata%\microsoft |
Windows Server 2016 |
100.0% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x00028aae |
MVID: |
0125acf8-8de0-4550-8147-01cc9dc97602 |
Typelib ID: |
85e65c04-ed12-439a-a4e5-f597394c9c86 |
Name |
Size of data |
MD5 |
.text |
158720 |
1fc689bdca98bb09f701a562f5c05cd5 |
.rsrc |
53760 |
ef7bdfdea6ab2446aa6227fed3f90dc3 |
.reloc |
512 |
1f98be1deda5fd002fbd0ecdc6c1647b |