How to remove wshelper.exe
- File Details
- Overview
- Analysis
wshelper.exe
The module wshelper.exe has been detected as Ransom.Wacatac
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
33205adabce4cbe9d0ea05153154acfc |
| Size: |
113 KB |
| First Published: |
2020-05-28 05:07:42 (4 years ago) |
| Latest Published: |
2023-12-11 23:21:23 (a year ago) |
| Status: |
Ransom.Wacatac (on last analysis) |
|
| Analysis Date: |
2023-12-11 23:21:23 (a year ago) |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
| %commondir%\wondershare |
|
14.7% |
|
|
9.3% |
|
|
9.3% |
|
|
6.7% |
|
|
5.3% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
| Windows 10 |
92.9% |
|
| Windows 7 |
5.9% |
|
| Windows 8.1 |
1.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00001000 |
| Name |
Size of data |
MD5 |
| .code |
14336 |
6c0f4094a5493360ae8c9032ef3a9f47 |
| .text |
54272 |
1da643e4b1937b50550f9d9e8250428e |
| .rdata |
13312 |
4fb07923b0eb72c40319d48fd2d4f13f |
| .data |
4608 |
d477976ab5abaaeca9beb8758404fc02 |
| .rsrc |
28160 |
a796349b257349fa471a7437f85e4162 |
