Online Virus Checker | v.1.0.181.174 |
DB Version: | 2024-07-07 00:00:24 |
Wacatac is a type of malware that falls under the wide category of computer viruses. It is known for its malicious capabilities, which include data theft, system compromise, and the execution of additional malicious payloads on the infected system like ransomware.
File | OneKey.exe |
Checked | 2024-07-06 21:23:27 |
MD5 | b967a951488268dce91797d12ec4379a |
SHA1 | ca38f04ab266dd756dee6a667e3bfc897d83d065 |
SHA256 | a35c607f410213b4bd119c7faa88fd60717a97bd4c84da11ae515ee320fe5d81 |
SHA512 | a5c23c9d10a8eab75c96cdadaf4e108a6155a7474028a9a4649f35bc3b7c591d482f06a4131e97c94815727900801abbfe95668ff59c7dae7ca6552745b93a29 |
Imphash | 58c41d9c49c748c060398d3909617cc0 |
File Size | 2194944 bytes |
Gridinsoft has the capability to identify and eliminate Ransom.Win32.Wacatac.sa without requiring further user intervention.
CompanyName | AOMEI Tech Co., Ltd. |
FileDescription | AOMEI OneKey |
FileVersion | 1, 7, 1, 0 |
InternalName | AorUi |
LegalCopyright | AOMEI International Network Limited, 2009-2021. |
OriginalFilename | AorUi.exe |
ProductName | AOMEI OneKey |
ProductVersion | 1, 7, 1, 0 |
Translation | 0x0409 0x04b0 |
7969cbdd390f76800af2080c1981c574 ff1328bd31da9240126b8c2f2421c588 b669cc9696cd6996 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x018ec5e7 |
Compilation: | 2021-12-01 01:01:16 |
Checksum: | 0x0021c815 (Actual: 0x0021c815) |
OS Version: | 4.0 |
PEiD: | MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS |
Sign: | The PE file does not contain a certificate table. |
Sections: | 3 |
Imports: | KERNEL32, OkFuncLogic, ntdll, QtCore4, QtGui4, urlmon, Comn, QtNetwork4, RPCRT4, QtWebKit4, USER32, COMDLG32, ADVAPI32, SHELL32, ole32, OLEAUT32, PE, MSVCP80, MSVCR80, WS2_32, WININET, WTSAPI32, VERSION, WINHTTP, |
Exports: | 1 |
Resources: | 11 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.MPRESS1 | 0x00001000 | 0x014eb000 | 0x001b1e00 | 154ce6b2b7ec90989e8031759192df78 | 8.00 |
.MPRESS2 | 0x014ec000 | 0x00001151 | 0x00001200 | 8f58ee7f9145231e75b6b970a29acb73 | 6.13 |
.rsrc | 0x014ee000 | 0x00064b78 | 0x00064c00 | 4c93a119f9889f1fc398ddb12b2b78da | 4.33 |