How to remove WeatherZeroService.exe

» File
File Details
Overview
Analysis

WeatherZeroService.exe

The module WeatherZeroService.exe has been detected as Backdoor.DCRat

WeatherZeroService.exe

Remove WeatherZeroService.e

File Details

Main Info:

MD5:	c20c55750211e6d143f7cb1f31ed93f6
Size:	3 MB
First Published:	2022-12-31 23:15:48 (2 years ago)
Latest Published:	2025-05-28 23:00:53 (6 months ago)

Analysis:

Status:	Backdoor.DCRat (on last analysis)
Analysis Date:	2025-05-28 23:00:53 (6 months ago)

Overview

Digital Signature

Signed By:	Reaction Software Limited
Status:	Valid

Common Places:

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

%programfiles%

Geography:

	29.7%
	10.8%
	10.8%
	8.1%
	5.4%
	5.4%
	5.4%
	5.4%
	2.7%
	2.7%
	2.7%
	2.7%
	2.7%
	2.7%
	2.7%

OS Version:

Windows 10	97.3%
Windows 7	2.7%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000939b3

PE Sections:

Name	Size of data	MD5
.text	689664	48834dd3e3f7d2bde15802fd6c3b5748
.rdata	57856	9f7f04845ea71ec60e8dccfdf14c471d
.data	2428416	9e089c7149666b1846f335f4641fffe3
.rsrc	47616	e323c8b823ddbf1c04493d386914e4b4
.reloc	12288	ae7ac52ddd319583542cf67de12acf0a

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for WeatherZeroService.exe

copyright for information about WeatherZeroService.exe