46w+4ol6.exe

downloader

Hefei Lewei Information Technology Co.,Ltd.

The file 46w+4ol6.exe has been detected as malware by 1 anti-virus scanner. The file has been seen being downloaded from url.tudown.com.
Publisher:

Product:
downloader

Version:
1.0.2.3

MD5:
2b34de7855fd9966c038391cd441d2e0

SHA-1:
9b54722ff4ca6d9a7e7d62f5e32cd786c070b02d

SHA-256:
c171428d81ff96fb93ab61f6260b9815b91541b347ece3580b8b5320aea5521d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 5:47:25 PM UTC

Scan engine:
Reason Heuristics

Detection:
(M)

Engine version:
16.7.1.17

File size:
773.5 KB (792,048 bytes)

Product version:
1.0.2.3

Original file name:
downloader

Common path:
C:\users\{user}\appdata\local\temp\46w+4ol6.exe.part

Digital Signature
Authority:
WoSign CA Limited

Valid from:
10/29/2015 2:17:37 PM

Valid to:
10/29/2016 2:17:37 PM

Subject:
CN="Hefei Lewei Information Technology Co.,Ltd.", O="Hefei Lewei Information Technology Co.,Ltd.", L=Hefei, S=Anhui, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
5AB7015B756534ACC678E7DB75D22D97

The file 46w+4ol6.exe has been seen being distributed by the following URL.

http://url.tudown.com/.../abbyy finereader v11 ????????@156_169230.exe
