How to remove y.exe
y.exe
The module y.exe has been detected as Ransom.Wacatac
File Details
| Product Name: | Windows® Internet Explorer |
| Company Name: | Microsoft Corporation |
| MD5: | 306a20db56858f994aeee22cf1cb810b |
| Size: | 1 MB |
| First Published: | 2021-01-03 10:11:23 (4 years ago) |
| Latest Published: | 2021-01-11 08:46:31 (4 years ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2021-01-11 08:46:31 (4 years ago) |
Overview
| Signed By: | Glarysoft LTD |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
Geography:
| 37.5% | ||
| 25.0% | ||
| 12.5% | ||
| 12.5% | ||
| 12.5% |
OS Version:
| Windows 7 | 44.4% | |
| Windows 8.1 | 33.3% | |
| Windows 10 | 11.1% | |
| Windows 8 | 11.1% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00006897 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 24576 | 0e5b7c4ec989bb777c6fbf0a1cd84794 |
| .data | 1024 | 27b3fb2f9d6a275356ae6b7aafacc75e |
| .idata | 4608 | b1ebf4cc039d0487028fa3142ea98061 |
| .rsrc | 1090560 | 3dd70689a2ee2ebc92a4c45a9047fecd |
| .reloc | 3072 | 39c45ed74aa4b48de090fbb3b1d93bbb |
More information:
Download GridinSoft
Anti-Malware - Removal tool for y.exe
