Trojan Wacatac Malware Analysis
| Online Virus Checker | v.1.0.139.174 |
| DB Version: | 2023-09-22 17:02:44 |
| Available languages: |        |
Scan Your File
Analyze suspicious files to detect malware and automatically share them with our team. You can compress your file into a zip archive (if needed, we use the password "infected" to extract before checking).
Trojan.Win32.Wacatac.dd!n
Wacatac is a type of malware that falls under the wide category of computer viruses. It is known for its malicious capabilities, which include data theft, system compromise, and the execution of additional malicious payloads on the infected system like ransomware.
| Checked: | 2023-09-22 15:26:50 |
| MD5: | 2f9691d9a3db0bc5658a2276277717c6 |
| SHA1: | 9d59b51b4a92745ada744baa545b33fd1ea4a085 |
| SHA256: | a8764e5ab4a270a766f0525645653f8ac46a7f8e11fb0796a4c26898f2023095 |
| SHA512: | 305096ce8af5af2425fe1414f62872acbee73f32748251309995853f3211de6078fa6a63b965baace9d5e63a9a866b0904da3fb06a3d854bbb1960631830cb2d |
| Imphash: | e569e6f445d32ba23766ad67d1e3787f |
| File Size: | 10025432 bytes |
Trojan.Win32.Wacatac.dd!n Removal
Gridinsoft has the capability to identify and eliminate Trojan.Win32.Wacatac.dd!n without requiring further user intervention.
- Start by downloading Gridinsoft Anti-Malware to your computer.
- Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
- Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
- Click on the "Standard Scan" button.
- After the scanning process is finished, click on "Clean Now" to remove any detected threats.
- If prompted, restart your system to complete the removal process.
Signers
| GlobalSign | GlobalSign nv-sa (BE) |
| GlobalSign Code Signing Root R45 | GlobalSign nv-sa (BE) |
| GlobalSign GCC R45 CodeSigning CA 2020 | FOP Gustilin Grigoriy Oleksandrovich (UA) |
| Verification | OK |
File Version Information
| Comments | This installation was built with Inno Setup. |
| CompanyName | UKRAINEGTA |
| FileDescription | Онлайн гра про Україну |
| FileVersion | 2.1.1.1 |
| LegalCopyright | CDPRO.SPACE |
| OriginalFileName | |
| ProductName | LAUNCHER |
| ProductVersion | 2.1.1.1 |
| Translation | 0x0000 0x04b0 |
Portable Executable Info
 |
66904cbf705445386eac44389068c174 a608d4fcd841bd0a38c5b193e7a54191 620f70b679698281 |
| Image Base: | 0x00400000 |
| Entry Point: | 0x004b5eec |
| Compilation: | 2022-04-14 16:10:23 |
| Checksum: | 0x009992a8 (Actual: 0x009992a8) |
| OS Version: | 6.1 |
| PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
| Sign: | OK |
| Sections: | 10 |
| Imports: | kernel32, comctl32, version, user32, oleaut32, netapi32, advapi32, |
| Exports: | 3 |
| Resources: | 18 |
Sections
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
|---|---|---|---|---|---|
| .text | 0x00001000 | 0x000b39e4 | 0x000b3a00 | 43af0a9476ca224d8e8461f1e22c94da | 6.36 |
| .itext | 0x000b5000 | 0x00001688 | 0x00001800 | 185e04b9a1f554e31f7f848515dc890c | 5.97 |
| .data | 0x000b7000 | 0x000037a4 | 0x00003800 | cab2107c933b696aa5cf0cc6c3fd3980 | 5.05 |
| .bss | 0x000bb000 | 0x00006de8 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .idata | 0x000c2000 | 0x00000fdc | 0x00001000 | e7d1635e2624b124cfdce6c360ac21cd | 5.03 |
| .didata | 0x000c3000 | 0x000001a4 | 0x00000200 | 8ced971d8a7705c98b173e255d8c9aa7 | 2.75 |
| .edata | 0x000c4000 | 0x0000009a | 0x00000200 | 8d4e1e508031afe235bf121c80fd7d5f | 1.88 |
| .tls | 0x000c5000 | 0x00000018 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
| .rdata | 0x000c6000 | 0x0000005d | 0x00000200 | 8f2f090acd9622c88a6a852e72f94e96 | 1.38 |
| .rsrc | 0x000c7000 | 0x00011e20 | 0x00012000 | a49db9f2b87a5223209166f1e8b3480c | 7.59 |
