WAT Fix.exe

The executable WAT Fix.exe has been detected as malware by 19 anti-virus scanners. The file has been seen being downloaded from dc414.2shared.com.
Version:
1.0.8.0

MD5:
1c912642075283e06fa463569ce72bd0

SHA-1:
07d02161f7e052137308d87b64d27760cc6f7785

SHA-256:
74aa8e0d68deb156b6ddf92d1eb8bfae74ec24a8ff0d55b50f237725f4f30d48

Scanner detections:
19 / 68

Status:
Malware

Analysis date:
11/5/2024 8:04:01 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.Dropper.W32.Agent
2.1.4+

Agnitum Outpost
Trojan.DR.Agent
7.1.1

Avira AntiVirus
TR/Drop.Agent.gdsf
7.11.170.96

Baidu Antivirus
Trojan.Win32.Dropper
4.0.3.1498

Comodo Security
UnclassifiedMalware
19391

Dr.Web
Trojan.MulDrop3.29251
9.0.1.0251

Fortinet FortiGate
W32/Agent.GDSF!tr
9/8/2014

IKARUS anti.virus
Trojan-Dropper.Agent
t3scan.1.7.5.0

K7 AntiVirus
Riskware
13.183.13230

McAfee
Artemis!1C9126420752
5600.7014

NANO AntiVirus
Trojan.Win32.Agent2.ohixj
0.28.2.61942

Norman
Agent.VSKT
11.20140908

Qihoo 360 Security
Win32/Trojan.2a0
1.0.0.1015

Quick Heal
TrojanDropper.Agent.gdsf
9.14.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.12C8B256!315142742
23.00.65.14906

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_SPNR.03B713
7.2.251

Trend Micro
TROJ_SPNR.03BB13
10.465.08

VIPRE Antivirus
Trojan-Dropper.Win32.Agent
32740

File size:
675.4 KB (691,573 bytes)

Original file name:
WAT Fix.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\wat fix.exe

File PE Metadata
Compilation timestamp:
10/18/2007 8:43:35 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
3.0

CTPH (ssdeep):
12288:71MX89GjRX3rtCqHTNSO3noS2DV03vzn37lC1nZ1On4xLIuWV355FXw/+e4wCu+7:ZMs9mRXbnNSOJ3+IuWV355FXw/+e4wC3

Entry address:
0x1821F0

Entry point:
60, BE, 15, E0, 53, 00, 8D, BE, EB, 2F, EC, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, D2, 00, 18, 00, 57, 83, C3, 04, 53, 68, CD, 41, 04, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.1251

Code size:
276 KB (282,624 bytes)

The file WAT Fix.exe has been seen being distributed by the following URL.

Remove WAT Fix.exe - Powered by Reason Core Security