How to remove gHEmJFD5eXdJN_nV9tBg3pRW.exe

gHEmJFD5eXdJN_nV9tBg3pRW.exe

The module gHEmJFD5eXdJN_nV9tBg3pRW.exe has been detected as Ransom.Sabsik

gHEmJFD5eXdJN_nV9tBg3pRW.exe
Remove gHEmJFD5eXdJN_nV9tBg

File Details

Product Name:

DarkLab
Company Name:

DarkLab
MD5: 799cf633aac58d0b121cf114ab0aa2b2
Size: 6 MB
First Published: 2023-12-18 23:12:59 (a year ago)
Latest Published: 2023-12-19 23:24:58 (a year ago)
Status: Ransom.Sabsik (on last analysis)
Analysis Date: 2023-12-19 23:24:58 (a year ago)

Common Places:

%profile%\onedrive\slike
%profile%\pictures

Geography:

50.0%
50.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00a6343e

PE Sections:

Name Size of data MD5
.text 0 d41d8cd98f00b204e9800998ecf8427e
.rdata 0 d41d8cd98f00b204e9800998ecf8427e
.data 0 d41d8cd98f00b204e9800998ecf8427e
.pdata 0 d41d8cd98f00b204e9800998ecf8427e
_RDATA 0 d41d8cd98f00b204e9800998ecf8427e
.text0 0 d41d8cd98f00b204e9800998ecf8427e
.text1 3584 83944432bfc9eb0291c64fe52c476f99
.text2 6427136 5d8ce18d6d13235cc06a1e70236f783b
.rsrc 69120 f88151e1cc95dbe768318c0a6388fc0b

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for gHEmJFD5eXdJN_nV9tBg3pRW.exe
copyright for information about gHEmJFD5eXdJN_nV9tBg3pRW.exe