Gridinsoft Logo

RIMG-Scan_PO_44.exe Trojan Wacatac Analysis

Trojan Wacatac
Updated on 2024-07-13 (2 months ago)
Checked by Online Virus Scanner
Online Virus Checker v.1.0.182.174
DB Version: 2024-07-13 14:00:16

Ransom.Win32.Wacatac.sa

Wacatac is a type of malware that falls under the wide category of computer viruses. It is known for its malicious capabilities, which include data theft, system compromise, and the execution of additional malicious payloads on the infected system like ransomware.

File rIMG-Scan_PO_44.exe
Checked 2024-07-13 11:11:19
MD5 8b5f86cce05daa3696e4b4127dc5a29d
SHA1 94e897337bd01cada024fce5bfe9681897b2a7e2
SHA256 d0149e816937c3d187140af8bb91858c5afaca1320c98697a02e2bd890f098a1
SHA512 36e9319f7e52b1521d355774d3a7fbce22468b639a292c197b4061d457e258e562d17286999b5e7b715682f2fd859130c3c29c264a086a7d398ff682ff942af5
Imphash f34d5f2d4577ed6d9ceec516c1f5a744
File Size 763904 bytes

Ransom.Win32.Wacatac.sa Removal

Ransom.Win32.Wacatac.sa Removal

Gridinsoft has the capability to identify and eliminate Ransom.Win32.Wacatac.sa without requiring further user intervention.

  • Start by downloading Gridinsoft Anti-Malware to your computer.
  • Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  • Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  • Click on the "Standard Scan" button.
  • After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  • If prompted, restart your system to complete the removal process.

File Version Information

Translation 0x0000 0x04b0
Comments FPS Acculator
CompanyName
FileDescription FPS Acculator
FileVersion 1.2.3.1
InternalName plQB.exe
LegalCopyright
LegalTrademarks Nvidia
OriginalFilename plQB.exe
ProductName FPSHack
ProductVersion 1.2.3.1
Assembly Version 1.2.0.0

Portable Executable Info

6b6a6ba89b62e0612f77e17a9f20aca2
3d0d14bfbff073451dd7234e7f413fa6
0060687070687000
Image Base: 0x00400000
Entry Point: 0x004ba23e
Compilation: 2024-07-10 22:21:20
Checksum: 0x00000000 (Actual: 0x000bc842)
OS Version: 4.0
PEiD: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Sign: The PE file does not contain a certificate table.
Sections: 3
Imports: mscoree,
Exports: 0
Resources: 4

Sections

Name Virtual Address Virtual Size Raw Size MD5 Entropy
.text 0x00002000 0x000b8244 0x000b8400 1036cfd6720fcd196549a699339435aa 7.85
.rsrc 0x000bc000 0x00002000 0x00002000 a0341b2a4d708c84bc409b9f2f35b577 5.70
.reloc 0x000be000 0x0000000c 0x00000200 b1710d87aa805c60f55ff9119864d5d4 0.10

Leave a comment *

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Learn more Download Now