How to remove oobeldr.exe
- File Details
- Overview
- Analysis
oobeldr.exe
The module oobeldr.exe has been detected as Ransom.Sabsik
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
ecfae3cc8a7ba2e4681a378864658af6 |
| Size: |
2 MB |
| First Published: |
2022-08-30 23:40:58 (2 years ago) |
| Latest Published: |
2022-09-28 23:11:08 (2 years ago) |
| Status: |
Ransom.Sabsik (on last analysis) |
|
| Analysis Date: |
2022-09-28 23:11:08 (2 years ago) |
| %appdata%\microsoft |
| %appdata%\microsoft |
| %appdata%\microsoft |
| %temp% |
| %temp% |
| %temp% |
| %appdata%\microsoft |
| %appdata%\microsoft |
| %temp% |
| %appdata%\microsoft |
|
23.1% |
|
|
15.4% |
|
|
7.7% |
|
|
7.7% |
|
|
7.7% |
|
|
7.7% |
|
|
7.7% |
|
|
7.7% |
|
|
7.7% |
|
|
7.7% |
|
| Windows 10 |
76.9% |
|
| Windows 8.1 |
7.7% |
|
| Windows Server 2016 |
7.7% |
|
| Windows 7 |
7.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x004ae0ac |
| Name |
Size of data |
MD5 |
| .MPRESS1 |
2904064 |
491b40ff2e8b66464633fd1b5840f2c1 |
| .MPRESS2 |
3584 |
6fc4350c5f32673f68e1ff6e6198d1d8 |
| .rsrc |
51200 |
008056a4b349913fc19274ad87790eba |
