How to remove qeriuwjhrf
qeriuwjhrf
The module qeriuwjhrf has been detected as Ransom.Ransom
File Details
MD5: | 7f7ccaa16fb15eb1c7399d422f8363e8 |
Size: | 3 MB |
First Published: | 2017-05-27 00:12:49 (6 years ago) |
Latest Published: | 2021-03-16 21:35:55 (3 years ago) |
Status: | Ransom.Ransom (on last analysis) | |
Analysis Date: | 2021-03-16 21:35:55 (3 years ago) |
Common Places:
%sysdrive%\windows |
%windir% |
%desktop% |
%windir% |
%windir% |
%windir% |
%windir% |
%windir% |
%windir% |
%windir% |
File Names:
tasksche.exe |
qeriuwjhrf |
7f7ccaa16fb15eb1c7399d422f8363e8.exe |
Geography:
25.4% | ||
15.7% | ||
12.6% | ||
7.4% | ||
6.2% | ||
4.5% | ||
4.3% | ||
3.1% | ||
2.4% | ||
1.7% | ||
1.4% | ||
1.4% | ||
1.3% | ||
1.2% | ||
1.0% | ||
0.9% | ||
0.8% | ||
0.8% | ||
0.6% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.4% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.3% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.2% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% | ||
0.1% |
OS Version:
Windows 7 | 90.1% | |
Windows Server 2008 R2 | 9.6% | |
Windows 10 | 0.1% | |
Windows Embedded Standard | 0.1% | |
Windows Web Server 2008 R2 | 0.1% |
Analysis
Subsystem: | Windows GUI |
PE Type: | pe |
OS Bitness: | 32 |
Image Base: | 0x00400000 |
Entry Address: | 0x000077ba |
PE Sections:
Name | Size of data | MD5 |
.text | 28672 | 920e964050a1a5dd60dd00083fd541a2 |
.rdata | 24576 | 2c42611802d585e6eed68595876d1a15 |
.data | 8192 | 83506e37bd8b50cacabd480f8eb3849b |
.rsrc | 3448832 | e36fb5c25a6a2cbf39cf7a9804249af9 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for qeriuwjhrf