Should I remove “Trojan:Win32/Wacatac.A!ml”?

Malware Removal

The Trojan:Win32/Wacatac.A!ml is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What Trojan:Win32/Wacatac.A!ml virus can do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

How to determine Trojan:Win32/Wacatac.A!ml?


File Info:

crc32: D4F41A57
md5: 0a13000c2ecf9a8b39f5498cce45a53d
name: remcryp.exe
sha1: 90e1f7033afc5dc68eea8274b947052e8200c41b
sha256: 23a02ddd91e983f70ea0319ccc6372464ec82e6fd6067cefe1dfd442c69ee60d
sha512: 2ef0c2b1dd1e9d9479bf544857cfe6f79fac61cd5909476df0aacb21dc4153a4e1cf90e746048d680dc5175997b7ce6371f59f8a58e7242576c767eb8f6dd342
ssdeep: 12288:WjLg0hkEtrzcDTTn8oIiQT3WWkou5+TtnSHG:wU0hjcj8oFQqWk2tn
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: ControRAX
FileVersion: 1.00
Comments: AUTO
ProductName: MatreFISTRoccaF4
ProductVersion: 1.00
OriginalFilename: ControRAX.exe

Trojan:Win32/Wacatac.A!ml also known as:

MicroWorld-eScanGen:Variant.Razy.584376
McAfeeGenericRXJD-RS!0A13000C2ECF
CylanceUnsafe
AlibabaTrojan:Win32/Injector.5e86732c
K7GWTrojan ( 0055c16b1 )
ArcabitTrojan.Razy.D8EAB8
Invinceaheuristic
F-ProtW32/Injector.VF.gen!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Injector.EJCS
APEXMalicious
Paloaltogeneric.ml
KasperskyTrojan.Win32.Crypt.ajqi
BitDefenderGen:Variant.Razy.584376
RisingSpyware.Noon!8.E7C9 (TFE:5:mBUkJ1n2ABT)
Ad-AwareGen:Variant.Razy.584376
McAfee-GW-EditionBehavesLike.Win32.Fareit.hc
FortinetW32/Injector.EJBG!tr
Trapminemalicious.high.ml.score
FireEyeGeneric.mg.0a13000c2ecf9a8b
SophosMal/FareitVB-X
IkarusTrojan-Spy.Keylogger.AgentTesla
CyrenW32/Injector.VF.gen!Eldorado
MAXmalware (ai score=86)
Endgamemalicious (high confidence)
MicrosoftTrojan:Win32/Wacatac.A!ml
ZoneAlarmTrojan.Win32.Crypt.ajqi
Acronissuspicious
ALYacGen:Variant.Razy.584376
MalwarebytesTrojan.MalPack.VB
TrendMicro-HouseCallTROJ_GEN.R002C0RKP19
SentinelOneDFI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
GDataGen:Variant.Razy.584376
BitDefenderThetaGen:NN.ZevbaCO3.32515.Km0@a8J01fli
CrowdStrikewin/malicious_confidence_90% (W)
Qihoo-360Win32/Trojan.107

How to remove Trojan:Win32/Wacatac.A!ml?

Trojan:Win32/Wacatac.A!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment