How to remove ZGW_SEARCH.exe

ZGW_SEARCH.exe

The module ZGW_SEARCH.exe has been detected as Ransom.Wacatac

ZGW_SEARCH.exe
Remove ZGW_SEARCH.exe

File Details

Product Name:

ZGW Search
Company Name:

BMW AG
MD5: af9beb607919355b5ce351dd85763bef
Size: 36 KB
First Published: 2023-10-17 23:04:52 (2 years ago)
Latest Published: 2024-04-10 23:05:56 (2 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2024-04-10 23:05:56 (2 years ago)

Common Places:

%sysdrive%\ediabas\hardware
%sysdrive%\azoz\toyota supra ista 4.42.31 by jaksa27\toyota-ista+app_+4.42.31.25663+[with+obfcm]\bmw_ispi_ista-toyotaj29-app_4.42.31.25663_signed

Geography:

50.0%
50.0%

OS Version:

Windows 7 50.0%
Windows 10 50.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000131c

PE Sections:

Name Size of data MD5
.text 20480 aeedfd3a4de542b759ec3f86b9e243c0
.data 4096 620f0b67a91f7f74151bc5be745b7110
.rsrc 8192 ec2a43dd9b76ecb494a8007fcd077f52

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for ZGW_SEARCH.exe
copyright for information about ZGW_SEARCH.exe