Gridinsoft Logo

Space Ransomware STOP/Djvu Analysis

Ransomware STOP/Djvu
Updated on 2024-02-13 (10 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.161.174
DB Version: 2024-02-13 17:01:04

Ransom.Win32.STOP.tr!n

STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.

File Space
Checked 2024-02-13 15:52:12
MD5 d473778b0f10692a2fb1ef33d26f5759
SHA1 c1e422e12cc1a23edad6e5d34bba0187d3175627
SHA256 9737047a6cf9c18ad4eb8eff4d7b090453dd69d1b64f0c2ffe7a5deab121e637
SHA512 e2052b4ca7d8aef7785ba16b87f2e54a7330d2fae04a7ac42069584063063e7931d3c1b2d31ad62ab8c27a118dfef1ed081cd1a5fa3ce5c7d61d6a926b898ba8
Imphash d492b09c073a9c2f77d881ff99fa361e
File Size 747008 bytes

Ransom.Win32.STOP.tr!n Removal

Ransom.Win32.STOP.tr!n Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.STOP.tr!n without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileVersion 51.73.14.61
FileDescription Second
OriginalFilename Space
ProductName Tube
ProductVersion 22.44.34.44
Translation 0x040a 0x0671

Portable Executable Info

122bc9a47e8d09826498164676829fe8
69b50aad9cd0fcc8ddd73a4eb1365f3a
e8e0eeeaeae2eaea
Image Base: 0x00400000
Entry Point: 0x00402796
Compilation: 2023-08-17 06:49:26
Checksum: 0x000bccab (Actual: 0x000bccab)
OS Version: 5.0
PDB Path: C:\beg17\n.pdb
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 4
Imports: KERNEL32, USER32, WINHTTP,
Exports: 0
Resources: 15

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x000a3469 0x000a3600 ae9aecc96a14006c5739c7ef89240a1f 7.96
.rdata 0x000a5000 0x0000540a 0x00005600 3945b63405d1a0feb5161f4035e827dd 5.73
.data 0x000ab000 0x00012548 0x00005400 99210240be4af737c00f06c1475ad52b 1.23
.rsrc 0x000be000 0x00008158 0x00008200 28474681bbfe22510e2a06e454e2e570 4.74

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware