Gridinsoft Logo

GotoHTTP_x64.exe Ransomware STOP/Djvu Analysis

Ransomware STOP/Djvu
Updated on 2024-11-01 (1 month ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.195.174
DB Version: 2024-11-01 15:00:29

Ransom.Win64.STOP.tr!n

STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.

File GotoHTTP_x64.exe
Checked 2024-11-01 13:12:48
MD5 f4ea4e9b8017b5edd392b7416bd390af
SHA1 db5f5c4358c295aa32f5a7d62869b21f9fe45e43
SHA256 230b84398e873938bbcc7e4a1a358bde4345385d58eb45c1726cee22028026e9
SHA512 c96567515959026017bd2253f2ff61e9fdd6662a6b813c8843219ad11bd7366ae5582192bf86bd528bb839349b90f1f3f0c58f8684b9b568bc15f50a9174bd2b
Imphash 68474882704138e677b9350eb7d5a5e3
File Size 3158952 bytes

Ransom.Win64.STOP.tr!n Removal

Ransom.Win64.STOP.tr!n Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win64.STOP.tr!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

CompanyName Pingbo Inc
FileDescription GotoHTTP
FileVersion 10.2.0.1925
InternalName GotoHTTP
LegalCopyright Copyright 2018-2024 Pingbo Inc
OriginalFilename GotoHTTP.exe
ProductName GotoHTTP
ProductVersion 10.2.0.1925
Translation 0x0409 0x04b0

Portable Executable Info

71626004a4b3a0167aab5abfb0a036ab
3f9b8131aea512982e3be3712ae3ac6e
00d4e8d0f0f0f068
Image Base: 0x140000000
Entry Point: 0x1401e80f4
Compilation: 2024-05-11 01:53:25
Checksum: 0x0030ed02 (Actual: 0x0030ed02)
OS Version: 5.2
PEiD: PE32+ executable (GUI) x86-64, for MS Windows
Sign: OK
Sections: 7
Imports: WS2_32, KERNEL32, USER32, GDI32, ADVAPI32, SHELL32, ole32, OLEAUT32, USERENV,
Exports: 0
Resources: 44

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x00236566 0x00236600 6ce8f035c8600ad0ecd00ba2d13b6bc9 6.72
.rodata 0x00238000 0x00000920 0x00000a00 75457cfd7411af09c4b4e317376e93af 4.05
.rdata 0x00239000 0x0009f098 0x0009f200 9f5d5ad62cc67a43bcb5c46e7108aff1 5.45
.data 0x002d9000 0x0000dbc8 0x00009c00 801e9a71baf38235fa3afc637377d706 4.15
.pdata 0x002e7000 0x000154d4 0x00015600 ef63ff0a9aa2bdd9917be574a05b4eb8 6.17
.rsrc 0x002fd000 0x00006cc4 0x00006e00 e35cd6f65fce21534d6bb745e69291ab 4.41
.reloc 0x00304000 0x00004306 0x00004400 a96025ce7d23eba4351a5c2f2dbdd434 3.69

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware