Categories: Trojan

Trojan.Wecod removal tips

Trojan.Wecod is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Wecod virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional language used in binary resources: Korean
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Trojan.Wecod?


File Info:

crc32: 27C9B3EC
md5: 140ad8968884f5acecc15449ce71be87
name: 140AD8968884F5ACECC15449CE71BE87.mlw
sha1: 41505f50d80c17a5c8524e466ebd071aca184804
sha256: e9af768157b77ccd92a348e68c1d08aae2d85ba4c355d239d6527a6c3addf969
sha512: b4b4c9c7c06d86d6a3ee68c0aacd237840bceb7607d2e0105ab18aa89fb45fd39c922c93adca88f9675a64c6ea3bb6f654f68db63fdc3ba97cc600ccb8a43a53
ssdeep: 6144:xWcT0ewGRhEfP0D8Dl7QUgwVgsFzj5L+pIubau:xWc6GfTDS7vXVHlL+pzj
type: PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed

Version Info:

0: [No Data]

Trojan.Wecod also known as:

Bkav W32.AIDetect.malware1
K7AntiVirus Backdoor ( 0051170b1 )
Elastic malicious (high confidence)
DrWeb Trojan.AVKill.63876
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Urelas.C.mue
Cylance Unsafe
Zillya Trojan.Cardspy.Win32.91
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
K7GW Trojan ( 0053a0a01 )
Cybereason malicious.68884f
Cyren W32/Urelas.E.gen!Eldorado
Symantec SMG.Heur!gen
ESET-NOD32 a variant of Win32/Spy.CardSpy.NAF
APEX Malicious
Avast Win32:Dropper-NVX [Drp]
ClamAV Win.Trojan.Agent-1150101
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Gen:Heur.Mint.SP.Urelas.1
NANO-Antivirus Trojan.Win32.CardSpy.crupzr
ViRobot Backdoor.Win32.Plite.236195
MicroWorld-eScan Gen:Heur.Mint.SP.Urelas.1
Tencent Malware.Win32.Gencirc.10b3994d
Ad-Aware Gen:Heur.Mint.SP.Urelas.1
Sophos ML/PE-A + Troj/Cardspy-G
Comodo TrojWare.Win32.Small.NAF@531prv
BitDefenderTheta Gen:NN.ZexaF.34170.omXfaO5tf0mi
VIPRE Trojan.Win32.FakeAV.jok (v)
TrendMicro TROJ_BEAUGRIT_GE16002C.UVPM
McAfee-GW-Edition BehavesLike.Win32.Corrupt.dc
FireEye Generic.mg.140ad8968884f5ac
Emsisoft Gen:Heur.Mint.SP.Urelas.1 (B)
SentinelOne Static AI – Malicious PE
Jiangmin Trojan/Wecod.gt
Avira HEUR/AGEN.1122924
eGambit Unsafe.AI_Score_99%
Antiy-AVL Trojan/Generic.ASMalwS.577552
Microsoft Ransom:Win32/StopCrypt!ml
Arcabit Trojan.Mint.SP.Urelas.1
SUPERAntiSpyware Trojan.Agent/Gen-Urelas
GData Win32.Trojan.PSE.RLMYP5
AhnLab-V3 Backdoor/Win32.Plite.R87816
Acronis suspicious
McAfee Obfuscated-FANO!hb
MAX malware (ai score=88)
VBA32 Trojan.Wecod
Malwarebytes Malware.AI.748930862
Panda Trj/Genetic.gen
TrendMicro-HouseCall TROJ_BEAUGRIT_GE16002C.UVPM
Rising Spyware.CardSpy!1.A1A8 (CLASSIC)
Yandex Trojan.GenAsa!g+FK0YSHCGY
Ikarus Trojan.Win32.Urelas
MaxSecure Trojan.Malware.121218.susgen
Fortinet W32/Wecod.ALL!tr
AVG Win32:Dropper-NVX [Drp]

How to remove Trojan.Wecod?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
