How to remove nircmdc.exe
- File Details
- Overview
- Analysis
nircmdc.exe
The module nircmdc.exe has been detected as Ransom.Sabsik
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
212a6b63d29b8157c78754a2f5e1a069 |
| Size: |
44 KB |
| First Published: |
2025-06-20 23:05:11 (2 months ago) |
| Latest Published: |
2025-08-17 23:00:49 (4 days ago) |
| Status: |
Ransom.Sabsik (on last analysis) |
|
| Analysis Date: |
2025-08-17 23:00:49 (4 days ago) |
| %profile%\downloads\computer emergency\tron\resources\stage_0_prep |
| %desktop%\tron\resources\stage_0_prep |
| %profile%\downloads\emergency!!\tron\resources\stage_0_prep |
| %desktop%\!computeremergency\tron v12.0.8 (2025-01-09)\tron\resources\stage_0_prep |
| %desktop%\tron\resources\stage_0_prep |
| %profile%\onedrive\desktop\tron\resources\stage_0_prep |
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00019f90 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| UPX1 |
41472 |
dda804981c48afd90dd85fbc19f46af3 |
| .rsrc |
2560 |
18ca30d3e2a3618bbccd6f88cfd4e3a8 |
