How to remove r19E0jPmq.exe

» File
File Details
Overview
Analysis

r19E0jPmq.exe

The module r19E0jPmq.exe has been detected as Ransom.Sabsik

r19E0jPmq.exe

Remove r19E0jPmq.exe

File Details

Main Info:

Product Name:	Lolzguru
Company Name:	Lolzguru
MD5:	a35b528379270328b065b7f768af3dc5
Size:	232 KB
First Published:	2022-04-01 23:12:10 (3 years ago)
Latest Published:	2022-04-06 23:15:07 (3 years ago)

Analysis:

Status:	Ransom.Sabsik (on last analysis)
Analysis Date:	2022-04-06 23:15:07 (3 years ago)

Common Places:

%temp%

%temp%

%localappdata%\microsoft\windows\temporary internet files\content.ie5

%temp%

%localappdata%\microsoft\windows\inetcache\ie

%temp%

%localappdata%\microsoft\windows\inetcache\ie

Geography:

	80.0%
	20.0%

OS Version:

Windows 10	71.4%
Windows 7	28.6%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0000b460

PE Sections:

Name	Size of data	MD5
.text	99840	25c807553fcb2bfef25715b638b62692
.rdata	27648	0562b69605d4a74e52fbf5b39e886852
.data	3072	f84842ce35c23131059df0d61d5ccc5d
.rsrc	101376	19449f96c695e18890b5675b66e1cbd6
.reloc	5120	941072887e6550f7fef9448773b5bfd8

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for r19E0jPmq.exe

copyright for information about r19E0jPmq.exe