Online Virus Checker | v.1.0.161.174 |
DB Version: | 2024-02-13 17:01:04 |
STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.
File | Space |
Checked | 2024-02-13 15:52:12 |
MD5 | d473778b0f10692a2fb1ef33d26f5759 |
SHA1 | c1e422e12cc1a23edad6e5d34bba0187d3175627 |
SHA256 | 9737047a6cf9c18ad4eb8eff4d7b090453dd69d1b64f0c2ffe7a5deab121e637 |
SHA512 | e2052b4ca7d8aef7785ba16b87f2e54a7330d2fae04a7ac42069584063063e7931d3c1b2d31ad62ab8c27a118dfef1ed081cd1a5fa3ce5c7d61d6a926b898ba8 |
Imphash | d492b09c073a9c2f77d881ff99fa361e |
File Size | 747008 bytes |
Gridinsoft has the capability to identify and eliminate Ransom.Win32.STOP.tr!n without requiring further user intervention.
FileVersion | 51.73.14.61 |
FileDescription | Second |
OriginalFilename | Space |
ProductName | Tube |
ProductVersion | 22.44.34.44 |
Translation | 0x040a 0x0671 |
122bc9a47e8d09826498164676829fe8 69b50aad9cd0fcc8ddd73a4eb1365f3a e8e0eeeaeae2eaea |
|
Image Base: | 0x00400000 |
Entry Point: | 0x00402796 |
Compilation: | 2023-08-17 06:49:26 |
Checksum: | 0x000bccab (Actual: 0x000bccab) |
OS Version: | 5.0 |
PDB Path: | C:\beg17\n.pdb |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 4 |
Imports: | KERNEL32, USER32, WINHTTP, |
Exports: | 0 |
Resources: | 15 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x000a3469 | 0x000a3600 | ae9aecc96a14006c5739c7ef89240a1f | 7.96 |
.rdata | 0x000a5000 | 0x0000540a | 0x00005600 | 3945b63405d1a0feb5161f4035e827dd | 5.73 |
.data | 0x000ab000 | 0x00012548 | 0x00005400 | 99210240be4af737c00f06c1475ad52b | 1.23 |
.rsrc | 0x000be000 | 0x00008158 | 0x00008200 | 28474681bbfe22510e2a06e454e2e570 | 4.74 |