Gridinsoft Logo

CTFarmPro_vyp96o-XG7FBTA3Zb.exe Trojan Wacatac Analysis

Trojan Wacatac
Updated on 2025-01-26 (1 day ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.205.174
DB Version: 2025-01-26 11:00:54

Ransom.Win32.Wacatac.sa

Wacatac is a type of malware that falls under the wide category of computer viruses. It is known for its malicious capabilities, which include data theft, system compromise, and the execution of additional malicious payloads on the infected system like ransomware.

File CTFarmPro_vyp96o-XG7FBTA3Zb.exe
Checked 2025-01-26 09:18:10
MD5 08b8a824544b6b7b1259a6182c3efb5e
SHA1 719e0c92dedd6359a376b5022eaf7afab1425048
SHA256 40168d085c13500f456eb319191d9b8b33a47a889477b4f9404b6cf19141e3ed
SHA512 b8505d2cb9c208ce573c9bbcb7bb87da1eb0977c2c39195abe7b08ace7b7af536670bd948ada80e4678317fb161e511d4479fe8f382faecb529081c0fe2ac77d
Imphash f4639a0b3116c2cfc71144b88a929cfd
File Size 6280576 bytes

Ransom.Win32.Wacatac.sa Removal

Ransom.Win32.Wacatac.sa Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.Wacatac.sa without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

FileDescription CTFarm Setup
FileVersion 1.0.5.0
LegalCopyright Copyright (C) Cryptotab OU 2024
ProductName CTFarm Setup
ProductVersion 1.0.5.0
Translation 0x0409 0x04b0

Portable Executable Info

bf59b387f05fe92f201965bf2c9a1905
af53b40dc352543084d46e1d849966b5
ccb6b4ccecd292cc
Image Base: 0x00400000
Entry Point: 0x00403552
Compilation: 2024-03-30 16:55:23
Checksum: 0x006075eb (Actual: 0x006075eb)
OS Version: 4.0
PEiD: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Sign: OK
Sections: 5
Imports: ADVAPI32, SHELL32, ole32, COMCTL32, USER32, GDI32, KERNEL32,
Exports: 0
Resources: 12

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x000068f8 0x00006a00 595406ea4e71ef6f8675a1bd30bcc8f9 6.48
.rdata 0x00008000 0x00001464 0x00001600 a995b118b38426885fc6ccaa984c8b7a 4.97
.data 0x0000a000 0x0002a818 0x00000600 7a91ec9f1c18e608c3f3f503ba4191c1 4.17
.ndata 0x00035000 0x0002b000 0x00000000 d41d8cd98f00b204e9800998ecf8427e 0.00
.rsrc 0x00060000 0x0000a010 0x0000a200 c1c97bdb5b5c4da0ccbfc16fba7e3d95 6.34

Leave a comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware