How to remove Windows__Update.exe
- File Details
- Overview
- Analysis
Windows__Update.exe
The module Windows__Update.exe has been detected as Ransom.Sabsik
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
0e575fabbc0e4c58125f9209ffc3a90a |
| Size: |
339 KB |
| First Published: |
2022-06-26 23:20:27 (2 years ago) |
| Latest Published: |
2022-07-08 23:56:52 (2 years ago) |
| Status: |
Ransom.Sabsik (on last analysis) |
|
| Analysis Date: |
2022-07-08 23:56:52 (2 years ago) |
| %programfiles% |
| %programfiles% |
| %sysdrive%\$recycle.bin\s-1-5-21-1829555254-1586309196-1454587354-1001 |
| %sysdrive%\$recycle.bin\s-1-5-21-1829555254-1586309196-1454587354-1001 |
| %programfiles% |
| %programfiles% |
| %programfiles% |
| %programfiles% |
| %programfiles% |
|
33.3% |
|
|
16.7% |
|
|
16.7% |
|
|
8.3% |
|
|
8.3% |
|
|
8.3% |
|
|
8.3% |
|
| Windows 10 |
81.8% |
|
| Windows 7 |
18.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0005317e |
| MVID: |
d3567aa5-af67-4159-83a9-eedc5206ad8c |
| Typelib ID: |
81a552a9-0b8d-4358-8745-ec4f8bf846e5 |
| Name |
Size of data |
MD5 |
| .text |
332288 |
aa1f250314d9badb54cb54bbc8d0b56c |
| .sdata |
1024 |
c4bfb5091d8df655412363b83bbfb58d |
| .rsrc |
12288 |
2055a0992bc92e63f01f96f7441ee120 |
| .reloc |
512 |
7cff02c490309818dea6d3eb2bcb9547 |
