How to remove winmm.dll

winmm.dll

The module winmm.dll has been detected as Ransom.Wacatac

winmm.dll
Remove winmm.dll

File Details

Product Name:

Forensic Disk Decryptor
Company Name:

Elcomsoft
MD5: 32500758e8bdadcd94d6a533f6ab609f
Size: 5 MB
First Published: 2020-05-08 04:28:24 (5 years ago)
Latest Published: 2023-12-18 23:16:54 (2 years ago)
Status: Ransom.Wacatac (on last analysis)
Analysis Date: 2023-12-18 23:16:54 (2 years ago)

Common Places:

%desktop%
%desktop%\elcomsoft forensic disk decryptor 2.11.751.zip
%sysdrive%\recover\elcomsoft forensic disk decryptor 2.11.751 [filecr]\elcomsoft forensic disk decryptor 2.11.751
%sysdrive%\التنزيلات\compressed\elcomsoft.forensic.disk.decryptor.2.11.751.rar\elcomsoft.forensic.disk.decryptor.2.11.751
%sysdrive%\ransomware\elcomsoft.forensic.disk.decryptor.2.11.751.rar\elcomsoft.forensic.disk.decryptor.2.11.751
%sysdrive%\التنزيلات\compressed\elcomsoft.forensic.disk.decryptor.2.11.751.rar\elcomsoft.forensic.disk.decryptor.2.11.751
%temp%\rar$exb3788.47954\elcomsoft_forensic_disk_decryptor_2.11.751
%programfiles%\elcomsoft password recovery
%programfiles%\elcomsoft password recovery
%programfiles%\elcomsoft password recovery

Geography:

23.8%
23.8%
14.3%
9.5%
4.8%
4.8%
4.8%
4.8%
4.8%
4.8%

OS Version:

Windows 10 92.0%
Windows 7 8.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x10000000
Entry Address: 0x007597bc

PE Sections:

Name Size of data MD5
.text 0 00000000000000000000000000000000
.rdata 0 00000000000000000000000000000000
.data 0 00000000000000000000000000000000
.vmp0 0 00000000000000000000000000000000
.CRT0 0 00000000000000000000000000000000
.CRT1 0 00000000000000000000000000000000
.vmp1 0 00000000000000000000000000000000
.vmp2 5514240 2aeddb5a38132e7db16c63246fd573bb
.reloc 2048 27bd147252e5875721ab44420ed119c0
.rsrc 1536 57e368303b5a5f974bf95d5b2851901a

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for winmm.dll
copyright for information about winmm.dll