How to remove p8o7mr.exe

» File
File Details
Overview
Analysis

p8o7mr.exe

The module p8o7mr.exe has been detected as Ransom.Wacatac

Remove p8o7mr.exe

File Details

Main Info:

Product Name:	AutoIt v3 Script
Company Name:	AutoIt Team
MD5:	18ce19b57f43ce0a5af149c96aecc685
Size:	872 KB
First Published:	2018-06-20 18:12:17 (6 years ago)
Latest Published:	2025-01-03 23:02:07 (a day ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2025-01-03 23:02:07 (a day ago)

Overview

Digital Signature

Signed By:	AutoIt Consulting Ltd
Status:	Valid

Common Places:

%localappdata%

%startmenu%

%appdata%

%localappdata%

File Names:

wijfa4.exe

p8o7mr.exe

VovPtQVHLk.exe

loader.exe

Loader.exe

GoogleUpdates.exe

AutoIt3.exe

autoit3.exe

Geography:

	16.4%
	12.5%
	9.4%
	6.3%
	4.7%
	4.7%
	3.9%
	3.9%
	3.9%
	3.1%
	3.1%
	3.1%
	3.1%
	2.3%
	2.3%
	2.3%
	1.6%
	1.6%
	1.6%
	1.6%
	1.6%
	0.8%
	0.8%
	0.8%
	0.8%
	0.8%
	0.8%
	0.8%
	0.8%
	0.8%

OS Version:

Windows 10	90.6%
Windows 7	9.4%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00027ffa

PE Sections:

Name	Size of data	MD5
.text	583680	d3768a11ea36069481555571eb0e87cc
.rdata	196096	f0e823bd9244d52db867278fb1c8a7f3
.data	20992	dcfc007fd1d97a1a6dc1794856b6d56b
.rsrc	55296	c3c33abe03ecc3b908b418cbe99f45f6
.reloc	29184	0eb983e28371cb5c32033bbd12e446d6

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for p8o7mr.exe

copyright for information about p8o7mr.exe

How to remove p8o7mr.exe

p8o7mr.exe

The module p8o7mr.exe has been detected as Ransom.Wacatac

File Details

Main Info:

AutoIt v3 Script

AutoIt Team

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: