How to remove XmpLiveUD.exe

XmpLiveUD.exe

The module XmpLiveUD.exe has been detected as Ransom.Wacatac

XmpLiveUD.exe
Remove XmpLiveUD.exe

File Details

Product Name:

迅雷影音升级程序
Company Name:

深圳市迅雷网络技术有限公司
MD5: 5fccddc84705ef583e1e105a706a4cea
Size: 4 MB
First Published: 2026-03-24 23:00:56 (2 weeks ago)
Latest Published: 2026-03-24 23:00:59 (2 weeks ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2026-03-24 23:00:59 (2 weeks ago)

Overview

Signed By: ShenZhen Thunder Networking Technologies Ltd.
Status: Valid

Common Places:

%temp%\xlliveud
%temp%\xlliveud

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000a8a6c

PE Sections:

Name Size of data MD5
.text 847360 f272893848b34dcb6e7c6a34e3d9f9e3
.rdata 169984 9a82dd67058ee9f7ac8c3590b12f0968
.data 9216 b83d59f6dba8deb9bc9f8a5ac30cc44e
.gfids 1024 36f2884d9d9b2618f1055d5af7532120
.tls 512 1f354d76203061bfdd5a53dae48d5435
.rsrc 3970560 6db056dfb1ccc2e923352742fbfa7804
.reloc 43008 f8d5373e7d8cb05d956672ea0933304a

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for XmpLiveUD.exe
copyright for information about XmpLiveUD.exe