Please ensure you understand and agree with our data protection policy before using this site. Review Policy
Analyze suspicious files to detect malware and automatically share them with our team. You can compress your file into a zip archive (if needed, we use the password "infected" to extract before checking).
Wacatac is a type of malware that falls under the wide category of computer viruses. It is known for its malicious capabilities, which include data theft, system compromise, and the execution of additional malicious payloads on the infected system like ransomware.
Checked: | 2023-09-22 15:26:50 |
MD5: | 2f9691d9a3db0bc5658a2276277717c6 |
SHA1: | 9d59b51b4a92745ada744baa545b33fd1ea4a085 |
SHA256: | a8764e5ab4a270a766f0525645653f8ac46a7f8e11fb0796a4c26898f2023095 |
SHA512: | 305096ce8af5af2425fe1414f62872acbee73f32748251309995853f3211de6078fa6a63b965baace9d5e63a9a866b0904da3fb06a3d854bbb1960631830cb2d |
Imphash: | e569e6f445d32ba23766ad67d1e3787f |
File Size: | 10025432 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win32.Wacatac.dd!n without requiring further user intervention.
GlobalSign | GlobalSign nv-sa (BE) |
GlobalSign Code Signing Root R45 | GlobalSign nv-sa (BE) |
GlobalSign GCC R45 CodeSigning CA 2020 | FOP Gustilin Grigoriy Oleksandrovich (UA) |
Verification | OK |
Comments | This installation was built with Inno Setup. |
CompanyName | UKRAINEGTA |
FileDescription | Онлайн гра про Україну |
FileVersion | 2.1.1.1 |
LegalCopyright | CDPRO.SPACE |
OriginalFileName | |
ProductName | LAUNCHER |
ProductVersion | 2.1.1.1 |
Translation | 0x0000 0x04b0 |
66904cbf705445386eac44389068c174 a608d4fcd841bd0a38c5b193e7a54191 620f70b679698281 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x004b5eec |
Compilation: | 2022-04-14 16:10:23 |
Checksum: | 0x009992a8 (Actual: 0x009992a8) |
OS Version: | 6.1 |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | OK |
Sections: | 10 |
Imports: | kernel32, comctl32, version, user32, oleaut32, netapi32, advapi32, |
Exports: | 3 |
Resources: | 18 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x000b39e4 | 0x000b3a00 | 43af0a9476ca224d8e8461f1e22c94da | 6.36 |
.itext | 0x000b5000 | 0x00001688 | 0x00001800 | 185e04b9a1f554e31f7f848515dc890c | 5.97 |
.data | 0x000b7000 | 0x000037a4 | 0x00003800 | cab2107c933b696aa5cf0cc6c3fd3980 | 5.05 |
.bss | 0x000bb000 | 0x00006de8 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.idata | 0x000c2000 | 0x00000fdc | 0x00001000 | e7d1635e2624b124cfdce6c360ac21cd | 5.03 |
.didata | 0x000c3000 | 0x000001a4 | 0x00000200 | 8ced971d8a7705c98b173e255d8c9aa7 | 2.75 |
.edata | 0x000c4000 | 0x0000009a | 0x00000200 | 8d4e1e508031afe235bf121c80fd7d5f | 1.88 |
.tls | 0x000c5000 | 0x00000018 | 0x00000000 | d41d8cd98f00b204e9800998ecf8427e | 0.00 |
.rdata | 0x000c6000 | 0x0000005d | 0x00000200 | 8f2f090acd9622c88a6a852e72f94e96 | 1.38 |
.rsrc | 0x000c7000 | 0x00011e20 | 0x00012000 | a49db9f2b87a5223209166f1e8b3480c | 7.59 |