How to remove gwshcusa.exe

» File
File Details
Overview
Analysis

gwshcusa.exe

The module gwshcusa.exe has been detected as Ransom.STOP

gwshcusa.exe

Remove gwshcusa.exe

File Details

Main Info:

Product Name:	Circuza
MD5:	9f5428a53e6e1e9dff61f11e1b3d658b
Size:	12 MB
First Published:	2024-03-14 23:07:36 (a year ago)
Latest Published:	2024-03-14 23:07:36 (a year ago)

Analysis:

Status:	Ransom.STOP (on last analysis)
Analysis Date:	2024-03-14 23:07:36 (a year ago)

Common Places:

%system%

Geography:

Kenya

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00009b60

PE Sections:

Name	Size of data	MD5
.text	92672	a31ac33869559850435417e6ff3963ae
.data	164864	5f85edfa8c22ea8e335b01ffdf8f58c2
.idata	3072	5548d2de15bdf634606ab867f64e9481
.hol	1024	0f343b0931126a20f133d67c2b018a3b
.rsrc	12718080	6b9cd2b3c65e13ab2d391af038c1f13b

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for gwshcusa.exe

copyright for information about gwshcusa.exe