About “Trojan:Script/Wacatac.B!ml” infection

Malware Removal

The Trojan:Script/Wacatac.B!ml is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan:Script/Wacatac.B!ml virus can do?

  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs

How to determine Trojan:Script/Wacatac.B!ml?


File Info:

crc32: 83EBFC95
md5: 79bd5b742c2a9a863bae07e47c5c4fed
name: upload_file
sha1: 88512b7e0f68c68aa909460ba53bb7c31eb732fb
sha256: b24d50e184b17946b49d861db3ecdd85824aa4a6ff46c391cf42d4b21605e9a8
sha512: 89c153e2a27f7a18f8fd14c9716363cb4dd66f1e47201ad97e9ed98de6d831f232d90b1ea64fc721bb450f7f9a9011e4bae5fd7a773de97eb8a1aa5a91c87aae
ssdeep: 768:SdyQKbBLlA/DO3vE/onpJS2Iro2wl8AEeu:SdjKZl+DO3c/onbS2vl8beu
type: ASCII text, with very long lines, with no line terminators

Version Info:

0: [No Data]

Trojan:Script/Wacatac.B!ml also known as:

MicroWorld-eScanGeneric.MSIL.Bladabindi.DEE28768
FireEyeGeneric.MSIL.Bladabindi.DEE28768
CAT-QuickHealBackdoor.Bladabindi.AL3
McAfeeBackDoor-NJRat
VIPREBackdoor.MSIL.Bladabindi.a (v)
TrendMicroBKDR_BLADABI.SMC
CyrenW32/MSIL_Bladabindi.AU.gen!Eldorado
TrendMicro-HouseCallBKDR_BLADABI.SMC
KasperskyTrojan.MSIL.Disfa.bop
BitDefenderGeneric.MSIL.Bladabindi.DEE28768
NANO-AntivirusTrojan.Win32.Disfa.dtznyx
RisingBackdoor.Njrat!1.9E49 (CLASSIC)
Ad-AwareGeneric.MSIL.Bladabindi.DEE28768
EmsisoftGeneric.MSIL.Bladabindi.DEE28768 (B)
DrWebTrojan.DownLoader11.13729
InvinceaTroj/DotNet-P
McAfee-GW-EditionBackDoor-NJRat
IkarusBackdoor.Script.Bladabindi
JiangminTrojanDropper.Autoit.dce
MicrosoftTrojan:Script/Wacatac.B!ml
ArcabitGeneric.MSIL.Bladabindi.DEED7060
ZoneAlarmTrojan.MSIL.Disfa.bop
GDataGeneric.MSIL.Bladabindi.DEE28768
ALYacGeneric.MSIL.Bladabindi.DEE28768
ESET-NOD32MSIL/Bladabindi.BC
MAXmalware (ai score=87)
FortinetMSIL/Agent.LI!tr
PandaGeneric Malware

How to remove Trojan:Script/Wacatac.B!ml?

Trojan:Script/Wacatac.B!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment