Online Virus Checker | v.1.0.168.174 |
DB Version: | 2024-03-01 05:00:17 |
STOP/Djvu Ransomware, also known simply as STOP Ransomware or Djvu Ransomware, is a type of malicious software that encrypts the files on a victim's computer and demands a ransom for their decryption. This ransomware variant has been active for several years and has affected numerous users and organizations.
File | J2w1onW7gvlQXpacsiE83Uue.exe |
Checked | 2024-03-01 03:59:58 |
MD5 | 175440137997a9ddee8d55496d31e931 |
SHA1 | 30fee56d96dd9fdeb293024c1f25ef1bc524ff39 |
SHA256 | e6c6ad948e9ad054f789500a6fda9485c861af7b48ae04001a8fc555ac0b3be5 |
SHA512 | e018e2691ba479634b334fd70a08bbbce11ed4d7ed7f7afdd8ad103b6c57cde3c9284935b61cc3fdf92d8ed885de6926d3a9ab5f69d77adc4fe2e9fba6120c71 |
Imphash | 7641afddf4654d16195180656b07d0a1 |
File Size | 762368 bytes |
Gridinsoft has the capability to identify and eliminate Ransom.Win32.STOP.ca without requiring further user intervention.
FileVersions | 53.15.14.94 |
FileDescription | Gun |
OriginalFilename | Survival |
ProductName | Circus |
ProductVersion | 1.0.0.1 |
Translation | 0x0409 0x04e4 |
eb746e06a5a1f6a5d618821c24432c86 34c14cc7f7068ea3a844c127821bee0b c8a4a4b48ca484e0 |
Image Base: | 0x00400000 |
Entry Point: | 0x004027d7 |
Compilation: | 2023-08-01 02:13:37 |
Checksum: | 0x000bb781 (Actual: 0x000bb781) |
OS Version: | 5.0 |
PDB Path: | C:\tiz\32\sowagire\91-dikeraw.pdb |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 4 |
Imports: | KERNEL32, USER32, ADVAPI32, |
Exports: | 0 |
Resources: | 14 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x000a2da0 | 0x000a2e00 | 81cbaac43fccd9864720150f3439220f | 7.96 |
.rdata | 0x000a4000 | 0x0000547c | 0x00005600 | 43b675d8ca74fa02575907eb80c07388 | 5.75 |
.data | 0x000aa000 | 0x015f3d98 | 0x0000a200 | cebffe1762f45bedcc3b3077a9aafa09 | 0.68 |
.rsrc | 0x0169e000 | 0x00007690 | 0x00007800 | 63d3710f5a9e910c278fb6395e82fc4c | 4.64 |