» removewat-226.zip
Overview
Analysis
File Details
Downloads (4)

removewat-226.zip

The file removewat-226.zip has been detected as a potentially unwanted program by 25 anti-malware scanners. The file has been seen being downloaded from download1116.mediafire.com and multiple other hosts.

File name:

removewat-226.zip

MD5:

0769515759d2fdb27adbb032a7536151

SHA-1:

49ac84165cf68e47716f055d637527daff2f4cee

SHA-256:

6b1c254e037ab8e1bec296ffa8e4ccfaa3cea5e12f03cf7f2c3756b8d52773c7

Scanner detections:

25 / 68

Status:

Potentially unwanted

Analysis date:

11/14/2024 2:11:46 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Kazy.420358

714

Avira AntiVirus

SPR/Tool.WPAkill.B.10

7.11.210.156

AVG

HackTool

2016.0.3192

Baidu Antivirus

Hacktool.Win32.WatKill

4.0.3.15221

Bitdefender

Gen:Variant.Application.Kazy.420358

1.0.20.260

Comodo Security

ApplicUnwnt.Win32.WPAkill.~A

21106

Dr.Web

Tool.Wpakill.7

9.0.1.052

F-Prot

W32/Backdoor2.HKVF

v6.4.7.1.166

F-Secure

Gen:Variant.Application.Kazy

11.2015-21-02_7

G Data

Gen:Variant.Application.Kazy.420358

15.2.25

IKARUS anti.virus

HackTool.Win32.Wpakill

t3scan.1.8.6.0

Kaspersky

not-a-virus:RiskTool.Win32.WatKill

14.0.0.2454

Malwarebytes

HackTool.Wpakill

v2015.02.21.06

McAfee

Artemis!BFACF78644CA

5600.6848

Microsoft Security Essentials

HackTool:Win32/Wpakill.B

1.1.11400.0

MicroWorld eScan

Gen:Variant.Application.Kazy.420358

16.0.0.156

NANO AntiVirus

Trojan.Win32.Wpakill.dbjivt

0.30.0.65070

Qihoo 360 Security

Trojan.Generic

1.0.0.1015

Quick Heal

RiskTool.WatKill.g3 (Not a Virus)

2.15.14.00

Reason Heuristics

Unnamed.Threat.45

14.7.1.8

Rising Antivirus

PE:Trojan.Win32.Generic.124713F0!306648048

23.00.65.15219

Sophos

RemoveWAT

4.98

Trend Micro House Call

HKTL_WPAKILL

7.2.52

Trend Micro

HKTL_WPAKILL

10.465.21

VIPRE Antivirus

Trojan.Win32.Generic

37628

File size:

4.4 MB (4,609,525 bytes)

Common path:

C:\users\{user}\downloads\removewat-226.zip

The file removewat-226.zip has been seen being distributed by the following 4 URLs.

http://download1116.mediafire.com/fbdbyz19x9sg/.../RemoveWAT 2.2.6.hfuzie.therebels.zip

http://bmail.uol.com.br/attachment?msg_id=NzA5OQ&ctype=RemoveWAT-226.zip&disposition=attachment&folder=SENT&attsize=6248470&content_id=&accountId=0

http://download.baixatudo.globo.com/.../RemoveWAT_2_2_6.zip

http://p.download.uol.com.br/ziggi/.../RemoveWAT-226.zip

Remove removewat-226.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.