How to remove rthgf.exe
rthgf.exe
The module rthgf.exe has been detected as Ransom.Wacatac
File Details
| Product Name: | GeoGebra Classic |
| Company Name: | International GeoGebra Institute |
| MD5: | f148e5cbbd6147fe990b664917288324 |
| Size: | 1 MB |
| First Published: | 2020-06-20 10:19:09 (4 years ago) |
| Latest Published: | 2020-12-21 14:46:01 (4 years ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2020-12-21 14:46:01 (4 years ago) |
Common Places:
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
| %appdata% |
Geography:
| 33.3% | ||
| 11.1% | ||
| 11.1% | ||
| 11.1% | ||
| 11.1% | ||
| 7.4% | ||
| 3.7% | ||
| 3.7% | ||
| 3.7% | ||
| 3.7% |
OS Version:
| Windows 10 | 70.4% | |
| Windows 7 | 22.2% | |
| Windows 8.1 | 7.4% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00009dbc |
PE Sections:
| Name | Size of data | MD5 |
| .text | 88576 | 86e900aeea2400980b4e7d55de83128e |
| .rdata | 39936 | bcf4b483e3a1687c3c57461ef1333906 |
| .data | 9216 | 5f9d5f1b1d9854308451aa4cd50b1e89 |
| .vmp0 | 558080 | 327f8b705d2e047075a118ba8210c17a |
| .rsrc | 457728 | 08b4d462f69869590b52ac28e384b3fd |
More information:
Download GridinSoft
Anti-Malware - Removal tool for rthgf.exe
