How to remove WeMod.exe
WeMod.exe
The module WeMod.exe has been detected as Trojan.Heur!
File Details
| Product Name: | WeMod |
| Company Name: | WeMod |
| MD5: | 4d4bb37465f0c40e1c35091ee4fc47f0 |
| Size: | 180 MB |
| First Published: | 2025-01-28 23:02:44 (6 months ago) |
| Latest Published: | 2025-01-28 23:02:44 (6 months ago) |
| Status: | Trojan.Heur! (on last analysis) | |
| Analysis Date: | 2025-01-28 23:02:44 (6 months ago) |
Overview
| Signed By: | WeMod LLC |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %localappdata%\wemod |
Geography:
| 100.0% |
OS Version:
| Windows 10 | 100.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x04554bf0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 155663360 | 1fe168fe3d1d295063d4a8d9f8f4bab8 |
| .rdata | 26380288 | 4f95659d5494ba6d549ce17e1f9a4c60 |
| .data | 674816 | bdf4bcda07274115665d27ee5686efa9 |
| .pdata | 4766720 | 9610bdc73755dc270b7c77764298d423 |
| .gxfg | 17408 | 0c0c7d2c799d1a1c49bc626597cf770b |
| .retplne | 512 | a3c3f93cb3d8962bf61ecd49cf779445 |
| .rodata | 4608 | c642bc1527b5873b6dbf56c4a87d20cb |
| .tls | 1536 | 748d118fe7509b1fffbf4a1ced6e627a |
| CPADinfo | 512 | 60d3ea61d541c9be2e845d2787fb9574 |
| LZMADEC | 4608 | 05e9eab8428a551a281ab278073669fa |
| _RDATA | 512 | 21567c9f06a1f5c343e7b10ffb2af66e |
| malloc_h | 512 | e8428c334cb2ceafd35583eb6b252095 |
| prot | 512 | bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc | 349184 | a0ce987b26e3d68d64a42f7e839f939a |
| .reloc | 997376 | 2858073d583acd804c1cbddf17f42987 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for WeMod.exe
