How to remove ztdlbhn
ztdlbhn
The module ztdlbhn has been detected as Ransom.Wacatac
File Details
| Product Name: | TaskMgr 应用程序 |
| MD5: | 8186e019f63344763dce40197ad7cfc3 |
| Size: | 509 KB |
| First Published: | 2023-10-07 23:00:45 (2 years ago) |
| Latest Published: | 2023-10-07 23:01:46 (2 years ago) |
| Status: | Ransom.Wacatac (on last analysis) | |
| Analysis Date: | 2023-10-07 23:01:46 (2 years ago) |
Overview
| Signed By: | Qihoo 360 Software (Beijing) Company Limited |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %commonappdata% |
| %sysdrive% |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000028bf |
PE Sections:
| Name | Size of data | MD5 |
| .text | 8192 | df143848e286961e802b61cc3ebad57b |
| .rdata | 5120 | 93537ae370dcdbae36d79de8c0772403 |
| .data | 80384 | 98b21a79e5ec28e4774ef8ef2d53445f |
| .rsrc | 414720 | 21e0910998ca8449afe3d3e069b3dc2c |
| .reloc | 5120 | 0296d187d2f4c3b6b73e862f17a4a3c6 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for ztdlbhn
