Petshop.exe Ransomware STOP/Djvu Analysis

Ransomware STOP/Djvu
Updated on 2023-09-19 (5 months ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.139.174
DB Version:2023-09-19 02:01:30

Ransom.Win32.STOP.ca

STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.

Filepetshop.exe
Checked2023-09-18 23:34:50
MD575747bfd55fe1ae1d3cfef6264ec582b
SHA1783e5538edcca02d061dd21085097f2d104ea098
SHA256abc29462bf6643a78fd8ebce22af6423456be4a1f7982cacddf0d05769b3847f
SHA5124688779c6a1efb1b379b1af15533179a30cef5ee1b13d69878dcfb44b647f728dd86bdbabd0e1674c6552c2fae6aa7d18673d9119706b5e67d93aed93549316e
Imphashb5d21c7b01a6fc37863814a89f8ee87a
File Size717312 bytes

Ransom.Win32.STOP.ca Removal

Ransom.Win32.STOP.ca Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.STOP.ca without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileDescriptionSilvuple
LegalCopyrightCopyright (C) 2022, Uniqum
OriginalFilenamepetshop.exe
ProductsVersion9.50.11.69
ProductNameJunfsiol
ProductionVersion82.67.62.16
Translation0x05bf 0x0ad5

Portable Executable Info

aea99008a1672f357d84bda60f257a4c
8ee2008a40dfe234d78be2850a57fd44
bce9f6f2e0c4ebf4
Image Base:0x00400000
Entry Point:0x004052c8
Compilation:2023-01-15 00:54:31
Checksum:0x000b415e (Actual: 0x000b415e)
OS Version:5.0
PDB Path:C:\ravopupasake83\nag\1\diza\32\mazosem bozixaga73\muvi84\zoleta.pdb
PEiD:PE32 executable (GUI) Intel 80386, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:4
Imports: KERNEL32, USER32, GDI32,
Exports: 0
Resources:13

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0009f0f0 0x0009f200 3d20ded6c528d9c5652f20ea88dd46cd 7.97
.data 0x000a1000 0x0201df64 0x00002a00 acebddd5334fe4edc7334aecbcb9311a 1.15
.rsrc 0x020bf000 0x00004bd8 0x00004c00 dd846a84735306584c28a5b2f63db6d4 4.06
.reloc 0x020c4000 0x0000852c 0x00008600 c8035141d694927d210d6f85b07db748 0.94

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware