How to remove tbvgrfced.exe
- File Details
- Overview
- Analysis
tbvgrfced.exe
The module tbvgrfced.exe has been detected as Ransom.STOP
File Details
MD5: |
362f6e913370a375be02518e06ee656f |
Size: |
1 MB |
First Published: |
2019-11-07 17:26:25 (4 years ago) |
Latest Published: |
2020-01-23 15:22:16 (4 years ago) |
Status: |
Ransom.STOP (on last analysis) |
|
Analysis Date: |
2020-01-23 15:22:16 (4 years ago) |
%localappdata% |
%appdata% |
%localappdata% |
%appdata% |
%localappdata% |
%localappdata% |
%sysdrive%\windows.old\users\sin178\appdata\local |
%sysdrive%\windows.old\users\sin178\appdata |
%sysdrive%\windows.old\users\sin178\appdata\local |
%localappdata% |
|
25.0% |
|
|
25.0% |
|
|
15.0% |
|
|
10.0% |
|
|
7.5% |
|
|
5.0% |
|
|
5.0% |
|
|
2.5% |
|
|
2.5% |
|
|
2.5% |
|
Windows 10 |
87.5% |
|
Windows 7 |
12.5% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x00005ad7 |
Name |
Size of data |
MD5 |
.text |
106496 |
35cdee7bdcc5c3c0e7a4eb5749b0d58c |
.rdata |
41472 |
6c505826787c4ad42e559c00140062a1 |
.data |
11776 |
ca9a51ae4b8a251e623cfc6819c29390 |
.text |
1054208 |
b2f8ef629a3e248a4a63f0f94bb5e7b4 |
.tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
.rsrc |
49152 |
379c081029b3c106098835690bbc55c5 |
.reloc |
7168 |
92b57281c2e73467dc3cb5b4f6692780 |