How to remove winsvc.exe
winsvc.exe
The module winsvc.exe has been detected as Ransom.Gandcrab
File Details
| MD5: | 60236fe463e180272b98cf8f93208a80 |
| Size: | 93 KB |
| First Published: | 2018-09-27 09:12:45 (a year ago) |
| Latest Published: | 2020-02-14 05:52:36 (7 days ago) |
| Status: | Ransom.Gandcrab (on last analysis) | |
| Analysis Date: | 2020-02-14 05:52:36 (7 days ago) |
Common Places:
| %temp% |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5 |
| %profile% |
| %profile% |
| %sysdrive%\autodesk\autocad_2015_english_win_64bit_dlm\x64\rc2015\shared\pfiles\commfiles\autodesk shared\uninstall tool |
File Names:
| 383753032732877.exe |
| 136032693328251.exe |
| tu[1].exe |
| 366701959431664.exe |
| 369653161837350.exe |
| t[1].exe |
| r[1].exe |
| winsvc.exe |
Geography:
| 52.6% | ||
| 21.1% | ||
| 10.5% | ||
| 10.5% | ||
| 5.3% |
OS Version:
| Windows 7 | 84.2% | |
| Windows 10 | 15.8% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00001541 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 43008 | 67ed7b8f38254e9dd1b63b6ffeb8ed09 |
| .rdata | 23040 | caff053b6840bfeba6393f98fb56aba0 |
| .data | 3072 | 4fee073974401620adab381473fff5a8 |
| .gfids | 1024 | 7d19edc111d6f987a18d4143d755b09d |
| .rsrc | 20480 | 851d4e9ced2f0d358f3c8ad751dadd16 |
| .reloc | 4096 | eb2a33931c15d224870342e8a942f23e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for winsvc.exe
