» cwshredder.exe
Overview
Analysis
File Details
Programs (3)
Downloads (54)

cwshredder.exe

CWShredder

Trend Micro Incorporated

File name:

cwshredder.exe

Publisher:

Trend Micro Incorporated

Product:

CWShredder

Version:

2.19-1099

MD5:

c8a6b75e72df96dec9b71498849b7590

SHA-1:

cee3da6a8bc50e3dd530099a5385f0ad35ec3c2b

SHA-256:

3cf37c51c9b133f7dafa520b302fa8b9fb266af78f7365a9b8edbe08c36f1791

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/23/2024 1:27:04 AM UTC (today)

Scan engine

Detection

Engine version

Rising Antivirus

PE:Trojan.DL.Agent!1.667C

23.00.65.14227

File size:

520 KB (532,480 bytes)

Product version:

2.19

Original file name:

cwshredder.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

11/14/2005 2:15:01 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.0

CTPH (ssdeep):

12288:coSqacTvbbH301hUVT5UQCoCzhMOa6c9dC1:coVHbjdYJX6dC1

Entry address:

0x2A0DD

Entry point:

6A, 60, 68, C8, 08, 46, 00, E8, 0B, 09, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 2B, E7, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 4C, A3, 44, 00, 8B, 4E, 10, 89, 0D, 8C, 0B, 47, 00, 8B, 46, 04, A3, 98, 0B, 47, 00, 8B, 56, 08, 89, 15, 9C, 0B, 47, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 90, 0B, 47, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 90, 0B, 47, 00, C1, E0, 08, 03, C2, A3, 94, 0B, 47, 00, 33, F6, 56, 8B, 3D, 5C, A2, 44, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Entropy:

6.4759

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

292 KB (299,008 bytes)

The file cwshredder.exe has been discovered within the following programs.

CWShredder by Trend Micro Inc.

4% remove it

dtSearch by dtSearch Corp.

Publisher's description - “The dtSearch product line can instantly search terabytes of text across a desktop, network, Internet or Intranet site. Developers can embed dtSearch’s instant searching and file format support into their own applications.”

www.dtsearch.com

About 6% of users remove it

Trend Micro Titanium Maximum Security by Trend Micro Inc.

Publisher's description - “Trend Micro Titanium Maximum Security is all-in-one, easy-to-use protection for everything you and your family do online-email, socialize, bank, browse, shop, and more. It provides you with a friendly interface, simple screens, and clear reports.”

www.trendmicro.com

10% remove it

The file cwshredder.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/download/file/.../

http://fs32.filehippo.com/7926/.../cwshredder.exe

http://filehippo.com/download/file/.../

http://gsf-cf.softonic.com/cee/3da/.../file?SD_used=0&channel=WEB&fdh=no&id_file=34216&instance=softonic_es&type=PROGRAM&Expires=1475934259&Signature=Jj521QwS0iQ8TtXhqjhya49y~gfRF1Rf7wVrb2it3zjOFy1fNWgxj9jpl8c6BUC5MrMeMMfhpvj3zHi19znZP9efgsbfuvi4-qPa6DS9jCk2xEIKHRNuXr~sCnAOT2IBEbzZ10K4x4aRVD4jE6qPqMPRO3nVBtXQkD3c991uZaM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cwshredder.exe

http://filehippo.com/download/file/.../

http://filehippo.com/es/download/file/.../

http://gsf-cf.softonic.com/cee/3da/.../file?SD_used=0&channel=WEB&fdh=no&id_file=34216&instance=softonic_en&type=PROGRAM&Expires=1455657883&Signature=em64cCTGN9ks5UKHKTagSyJkQcAgOeAZviSCWacDI-tH9wX9ZZPXzuXJeeBXgTW48ghvhj5MjuzMw3lTq3dRGrTDf9xwwrh4-WoDDmh9t2H2XqIGnIU3Tnjuw2W3EeGrMGc48QXZVetuAk~ljoJDPvLKgU9mvzptvlZsA3TjRbg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cwshredder.exe

http://download1us.softpedia.com/dl/5e579a0a1a5d84bd4490b9c277185cfa/51a36f5f/100008114/software/.../cwshredder.exe

http://filehippo.com/download/file/.../

http://gsf-cf.softonic.com/cee/3da/.../file?SD_used=0&channel=WEB&fdh=no&id_file=34216&instance=softonic_en&type=PROGRAM&Expires=1449502999&Signature=QqdqDrAssaJpb5fpL2sR26LnBM~aA-m4lGpvnn7z4jXS~n6RmQetlHT8025SIbZGc3xWkFX341XZhsvBwFvon416Wq0eDlWGs2YAdpimaNHqGdXbDWSFgsgrrJE4g1s212bD9KIrCTreCvPzfJvmfN93Oq04n-aDAPK~fKsd~Uc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cwshredder.exe

http://dpcdn-s02.pl/.../cwshredder(dobreprogramy.pl).exe

http://dl1.filehippo.com/.../cwshredder.exe

http://www.filehippo.com/download/file/.../

http://gsf-cf.softonic.com/cee/3da/.../file?SD_used=0&channel=WEB&fdh=no&id_file=34216&instance=softonic_en&type=PROGRAM&Expires=1462186762&Signature=BlJcfGbCwFqoiW60HlExrANLh-kBX5Ok3-HftloCZ94GzvliG-HgSVQ2bWtDxNlZr6p6eWX1rrkK5RKkGwVQNdEAcVqeDrNdJsXejyP6hTt9C1EFj4TNZYhgnyWcmDLMQC1umLiKfXpLI3HY4hZJmHrZCvDMjqIwIRzWs5Op1No_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cwshredder.exe

http://filehippo.com/download/file/.../

http://www.filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

Latest 30 of 54 download URLs

Scan cwshredder.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.