File Name | IDM 6.xx Activator or Resetter v3.1.exe |
File Type |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Scanner Version | 1.0.185.174 |
Database Version | 2024-09-01 23:00:33 UTC |
Malware family: Wacatac
Hash Type | Value | Action |
---|---|---|
MD5 |
61208ef95b922b0e93f0dbea9d4d565d
|
|
SHA1 |
c7202857462a081b7effa7a16ed97c7c56d1a125
|
|
SHA256 |
c0f92bb95f40c549b501e4c65b301258b20bca2e277b7bb765a0980422b9ef45
|
|
SHA512 |
17ccb5aca471e47959c6fbf29595966cd52ec2e521901fe9579f664497bec2334f12a5b9e05a1f2ffe1d8e202a66988c9fc505f3fa369c6d435c97c96f3097db
|
|
ImpHash |
b5a014d7eeb4c2042897567e1288a095
|
Icon |
Hash: a3c4fdd5deb6da41dd6b4460e66da640
Fuzzy: 6e759158590896f118be5a236ce99735 dHash: 50dc06939bc2ec70 |
Image Base | 0x00400000 |
Entry Point | 0x00411def |
Compilation Time | 2010-06-27 07:06:38 |
Checksum | 0x000e6111 (Actual: 0x000e6111) |
OS Version | 4.0 |
PEiD Signatures |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Digital Signature | The PE file does not contain a certificate table. |
Imports |
8 libraries
COMCTL32, KERNEL32, USER32, GDI32, SHELL32, ole32, OLEAUT32, MSVCRT |
Exports | 0 functions |
Resources | 4 Resources |
Sections | 4 Sections |
Comments | IDM 6.xx Activator or Resetter - CrackingCity.com |
CompanyName | CrackingCity.com |
FileDescription | IDM 6.xx Activator or Resetter |
FileVersion | 3.1.0.0 |
InternalName | IDM 6.xx Activator or Resetter.exe |
LegalCopyright | CrackingCity.com, Copyright © 2020 - 2023 |
OriginalFilename | IDM 6.xx Activator or Resetter.exe |
ProductName | IDM 6.xx Activator or Resetter |
ProductVersion | 3.1.0.0 |
Translation | 0x0000 0x04b0 |
Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
---|---|---|---|---|---|---|
.text |
0x00001000 |
70,423 bytes | 70,656 bytes | 6.58 (Compressed) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
797279C5AB1A163AED1F2A528F9FE3CE |
.rdata |
0x00013000 |
12,522 bytes | 12,800 bytes | 5.55 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
1359639B02BCB8F0A8743E6EAD1C0030 |
.data |
0x00017000 |
10,540 bytes | 2,048 bytes | 3.66 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
9415C9C8DEA3245D6D73C23393E27D8E |
.rsrc |
0x0001a000 |
95,047 bytes | 95,232 bytes | 1.76 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
818E14B614C2B9DCD9738EF437566B77 |
1 section(s) with elevated entropy (≥6.5) - possible compression
Resource Type | Count | Total Size | Percentage |
---|---|---|---|
RT_ICON | 1 | 93,040 bytes | |
RT_GROUP_ICON | 1 | 20 bytes | |
RT_VERSION | 1 | 1,048 bytes | |
RT_MANIFEST | 1 | 635 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
The PE file does not contain a certificate table.
Recommendation: Verify the file source and ensure it comes from a trusted publisher.
Gridinsoft has the capability to identify and eliminate Malware.Win32.Wacatac.cc without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system