How to remove qeriuwjhrf

qeriuwjhrf

The module qeriuwjhrf has been detected as Ransom.Ransom

qeriuwjhrf
Remove qeriuwjhrf

File Details

MD5: 7f7ccaa16fb15eb1c7399d422f8363e8
Size: 3 MB
First Published: 2017-05-27 00:12:49 (7 years ago)
Latest Published: 2021-03-16 21:35:55 (4 years ago)
Status: Ransom.Ransom (on last analysis)
Analysis Date: 2021-03-16 21:35:55 (4 years ago)

Common Places:

%sysdrive%\windows
%windir%
%desktop%
%windir%
%windir%
%windir%
%windir%
%windir%
%windir%
%windir%

File Names:

tasksche.exe
qeriuwjhrf
7f7ccaa16fb15eb1c7399d422f8363e8.exe

Geography:

Taiwan 25.4%
Russia 15.7%
Vietnam 12.6%
Ukraine 7.4%
Thailand 6.2%
Indonesia 4.5%
Iran 4.3%
India 3.1%
China 2.4%
Turkey 1.7%
United States 1.4%
Hong Kong 1.4%
Venezuela 1.3%
Brazil 1.2%
Egypt 1.0%
South Korea 0.9%
Spain 0.8%
Japan 0.8%
Romania 0.6%
Mexico 0.4%
Peru 0.4%
Greece 0.4%
Argentina 0.4%
Sudan 0.3%
Moldova 0.3%
Algeria 0.3%
Malaysia 0.3%
Colombia 0.3%
Italy 0.3%
Pakistan 0.2%
Belarus 0.2%
Uzbekistan 0.2%
Saudi Arabia 0.2%
Estonia 0.2%
Hungary 0.2%
Canada 0.2%
Libya 0.2%
Czech Republic 0.2%
Tunisia 0.2%
United Arab Emirates 0.2%
Philippines 0.2%
Armenia 0.2%
Azerbaijan 0.1%
Ethiopia 0.1%
Singapore 0.1%
Bangladesh 0.1%
Georgia 0.1%
Kazakhstan 0.1%
Panama 0.1%
Serbia 0.1%

OS Version:

Windows 7 90.1%
Windows Server 2008 R2 9.6%
Windows 10 0.1%
Windows Embedded Standard 0.1%
Windows Web Server 2008 R2 0.1%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000077ba

PE Sections:

Name Size of data MD5
.text 28672 920e964050a1a5dd60dd00083fd541a2
.rdata 24576 2c42611802d585e6eed68595876d1a15
.data 8192 83506e37bd8b50cacabd480f8eb3849b
.rsrc 3448832 e36fb5c25a6a2cbf39cf7a9804249af9

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for qeriuwjhrf
copyright for information about qeriuwjhrf
­