PowerISO.v8.4.exe Trojan Wacatac Analysis

Trojan Wacatac
Updated on 2024-07-16 (1 month ago)
Checked by Online Virus Scanner
Online Virus Checkerv.1.0.182.174
DB Version:2024-07-16 14:00:17

Ransom.Win32.Wacatac.cld

Wacatac is a type of malware that falls under the wide category of computer viruses. It is known for its malicious capabilities, which include data theft, system compromise, and the execution of additional malicious payloads on the infected system like ransomware.

FilePowerISO.v8.4.exe
Checked2024-07-16 11:26:11
MD5d09534a4178c41067562b80bf9098489
SHA1bc5c96578ba9dadf157ff1e06419e1bae23273e4
SHA256ba7ed53839bfb596dda7e4aef8e5721fe6196eccbb8cde9a2c83bd3f8e9ce091
SHA512e0e0cd5f4fa8fa12a7c63420a14250ca95246c576174e753b360b29b14e2e7416813d3608eda6eaae0afd7020961f04ba1f4b8e0741302e0fa2f40b2fc0b0414
Imphash24f4223e271413c25abad52fd456a9bc
File Size9457615 bytes

Ransom.Win32.Wacatac.cld Removal

Ransom.Win32.Wacatac.cld Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.Wacatac.cld without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Comments
CompanyNamePower Software Ltd
FileDescriptionPowerISO v8.4
FileVersion8.4.0.0
LegalCopyright© Power Software Ltd
ProductNamePowerISO v8.4
Translation0x0419 0x04e3

Portable Executable Info

7bebfcd5f6a2d91d6ca56ca62606dc37
bf33cf26010651298db60d32faac6efb
71f0f0ccccf0f071
Image Base:0x00400000
Entry Point:0x0040350d
Compilation:2019-12-16 00:54:10
Checksum:0x00000000 (Actual: 0x009098b4)
OS Version:4.0
PEiD:PE32 executable (GUI) Intel 80386, for MS Windows
Sign:The PE file does not contain a certificate table.
Sections:5
Imports: KERNEL32, USER32, GDI32, SHELL32, ADVAPI32, COMCTL32, ole32,
Exports: 0
Resources:17

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00001000 0x0000647b 0x00006600 666009bcc881dfa69c2598261539c74e 6.42
.rdata 0x00008000 0x00001384 0x00001400 c0b38cbc803107c82ebed5a1c15c1ffa 5.14
.data 0x0000a000 0x00066358 0x00000600 8ba920d3411caa9695a5cbe62f73d325 4.00
.ndata 0x00071000 0x0008c000 0x00000000 d41d8cd98f00b204e9800998ecf8427e 0.00
.rsrc 0x000fd000 0x00025ca8 0x00025e00 00ea1b7799620c0255b1ebbae91747d5 5.68

Leave a comment*

Share your thoughts or insights about this file. Do you align with our conclusion?

*Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Please Wait...

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Learn more Download Now
Gridinsoft Anti-Malware