How to remove mongodump.exe
- File Details
- Overview
- Analysis
mongodump.exe
The module mongodump.exe has been detected as Ransom.Exp
File Details
| MD5: |
0535f7307efc8a47f99afc4bc0341072 |
| Size: |
9 MB |
| First Published: |
2020-02-06 19:33:03 (5 years ago) |
| Latest Published: |
2021-06-22 20:28:40 (4 years ago) |
| Status: |
Ransom.Exp (on last analysis) |
|
| Analysis Date: |
2021-06-22 20:28:40 (4 years ago) |
| %sysdrive%\distr\ospanel\modules\database |
| %sysdrive%\distr\ospanel\modules\database |
| %sysdrive%\ospanel\modules\database |
| %profile%\downloads\ospanel\modules\database |
| %sysdrive%\distr\ospanel\modules\database |
| %sysdrive%\distr\ospanel\modules\database |
| %sysdrive%\openserver\ospanel\modules\database |
| %sysdrive%\distr\ospanel\modules\database |
| %sysdrive%\ospanel\modules\database |
| %sysdrive%\programz\openserver\ospanel\modules\database |
|
46.4% |
|
|
32.1% |
|
|
7.1% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
| Windows 10 |
72.4% |
|
| Windows 7 |
17.2% |
|
| Windows 8.1 |
6.9% |
|
| Windows Server 2012 R2 |
3.4% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00052bb0 |
| Name |
Size of data |
MD5 |
| .text |
7375872 |
48eddc029ad11abbf1bdf0856d8b1d03 |
| .data |
88064 |
f78e219c2aacbcbf7f4b295e333eec77 |
| /4 |
512 |
121d8cafa17faffb71d001e3f660db47 |
| /18 |
237056 |
fdf754f82dc6a1e96ef03bdbd2c8efe7 |
| /30 |
182784 |
475236159833a593c5d5ebea9392fac2 |
| /43 |
287232 |
135c47884ede210a13a693cd2b577d65 |
| /59 |
130560 |
40a1b0828261248a0e4c438604d3dca4 |
| /75 |
512 |
247bf99786a1b4760177fca2addeed2f |
| /90 |
874496 |
556fb88b619d90af9b860881afee3024 |
| .idata |
1536 |
e536c151d2d7d467b2ba83c479d7eb68 |
| .symtab |
396288 |
21e81f6c935720abc3774b9f73b1963c |
