Using this site

Please ensure you understand and agree with our data protection policy before using this site. Review Policy

Utsysc.exe Ransomware STOP/Djvu Analysis

Ransomware STOP/Djvu
Updated on 2024-02-21 (2 months ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.165.174
DB Version:2024-02-21 15:00:25

Ransom.Win32.STOP.tr!n

STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.

FileUtsysc.exe
Checked2024-02-21 15:07:46
MD5ac0f0cfa391d0f2900ebebac08580118
SHA1f1236be60b85aa1e7f5264e4610e9ef1f192442a
SHA2562f7bc154ff7f15135f69a43f738760b3a45b677a36b734d3e9e0c1c7cd897849
SHA5126f52d7300ada6b8f9a0c89d654931923821a478302ee273ffb3b62bd77a2af687d5ca23d98282b3ed64cd31b441d83301d19780c93c63cac7ff6303aef484c5a
Imphash63fbd33cf4b705e9ce0b5af578a99fd8
File Size390144 bytes

Ransom.Win32.STOP.tr!n Removal

Ransom.Win32.STOP.tr!n Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.STOP.tr!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileVersion96.56.50.43
FileDescriptionSecond
OriginalFilenameSpace
ProductNameTube
ProductVersion22.16.40.61
Translation0x040a 0x0671

Portable Executable Info

9bd3c06975da7957a1b81260f99cd4be
b2b51230aab611a32292ed3db5d4ab6c
e0e4eaeaeae2e4ea
Image Base:0x00400000
Entry Point:0x00402399
Compilation:2023-07-16 11:12:09
Checksum:0x0006b492 (Actual: 0x0006b492)
OS Version:5.0
PDB Path:C:\hehigubafeh-45_fehu\23-togiliyefuc\vot zofucolumumip\r.pdb
PEiD:PE32 executable (GUI) Intel 80386, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:4
Imports: KERNEL32, USER32, ADVAPI32, ole32, WINHTTP,
Exports: 0
Resources:18

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0004caa9 0x0004cc00 f93f82eec80110fea526c697fe84330c 7.79
.rdata 0x0004e000 0x00005344 0x00005400 854e5f8da4f86f2ec0d9b4bbe3208576 5.82
.data 0x00054000 0x00012424 0x00005200 96a451139b3fce7dbfc960f647b9c07e 1.24
.rsrc 0x00067000 0x00009d88 0x00007e00 320426522d72ba3b5c76ffd08cf38396 4.73

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Learn more Download Now
Gridinsoft Anti-Malware