How to remove SafeSign_ICBC_Cor.exe

SafeSign_ICBC_Cor.exe

The module SafeSign_ICBC_Cor.exe has been detected as Trojan.Wacatac

SafeSign_ICBC_Cor.exe
Remove SafeSign_ICBC_Cor.ex

File Details

Product Name:

setup Application
MD5: 9c97a62612f6f6799962c50e26a0a87c
Size: 16 MB
First Published: 2025-04-21 23:00:48 (6 months ago)
Latest Published: 2025-04-21 23:00:48 (6 months ago)
Status: Trojan.Wacatac (on last analysis)
Analysis Date: 2025-04-21 23:00:48 (6 months ago)

Overview

Signed By: Industrial and Commercial Bank of China Limited
Status: Valid

Common Places:

%sysdrive%\cable dep550

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000014f1

PE Sections:

Name Size of data MD5
.text 26112 432b52a75d859c76024c00d96394a444
.rdata 9728 57d8dbd085a461ae821fc29832280e93
.data 3584 d75e6c1ebad6888857c7291d12a70673
.rsrc 16912896 6c6d0450e7269fe0e9306a48c1b8ba7a
.reloc 27136 bc781fbf4a411ab3e2556b5dc31593d2

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for SafeSign_ICBC_Cor.exe
copyright for information about SafeSign_ICBC_Cor.exe