Using this site

Please ensure you understand and agree with our data protection policy before using this site. Review Policy

授業deえっち?_chs.exe Ransomware STOP/Djvu Analysis

Ransomware STOP/Djvu
Updated on 2024-02-17 (2 months ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.165.174
DB Version:2024-02-17 10:00:15

Ransom.Win32.STOP.dg!se51856

STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.

File授業deえっち?_chs.exe
Checked2024-02-17 11:02:21
MD5c02fb5958ee0f83d5d4e03285dcbfb4c
SHA19504fc0a48505573efe6727f972551739780695b
SHA2564bd534e4e7aa468cda99bc33a82a58d7f36af31dba86db564f7f31925c36e6e0
SHA512b7f19545538aecbc9e12c3b6000b0321ab7fca268c1dbb7034e5b16a4551fc713f26b80f81d7ff15f276b7bd533b4108a88364c7e1a363d4862fe092c2cc02c9
Imphash2f727a975c44a2925ace416e4a5ad2d8
File Size6094848 bytes

Ransom.Win32.STOP.dg!se51856 Removal

Ransom.Win32.STOP.dg!se51856 Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.STOP.dg!se51856 without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

Portable Executable Info

843c789cffd4754ba8e00062d3092cb2
829bcb0afdb95882b0ccb82856de13cd
fe5a9a929a9a8ec0
Image Base:0x00400000
Entry Point:0x00464c9a
Compilation:2011-07-15 12:47:38
Checksum:0x000d9703 (Actual: 0x005d73ef)
OS Version:4.0
PEiD:PE32 executable (GUI) Intel 80386, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:6
Imports: kernel32, user32, advapi32, oleaut32, ole32, ntdll, SHFolder, shlwapi,
Exports: 0
Resources:40

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0009d4aa 0x0009e000 0fac66cc26dd8a708dfa1a65912c180d 6.73
.rdata 0x0009f000 0x00007222 0x00008000 c98a4beeac7b84a3caadc7e553a36372 6.30
.data 0x000a7000 0x00110338 0x0001c000 f0db64e1f22887ec54d642a453020e97 6.03
.rsrc 0x001b8000 0x00007af4 0x00008000 9c372fce5db3f57953b024d3238ea398 5.19
.enigma1 0x001c0000 0x00001000 0x004be000 4ddd0e7d8d5ab326d899b2f8ca8ffa2c 6.82
.enigma2 0x001c1000 0x00047000 0x00047000 fc7440d07bce52cc856ff210c4ba8ad3 5.86

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Learn more Download Now
Gridinsoft Anti-Malware