watchdog.exe

Windows Watchdog Service

The Security Team

The application watchdog.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “Windows Watchdog Service”.
Publisher:
The Security Team

Product:
Windows Watchdog Service

Version:
1.0.1.1

MD5:
a1dc8eef2993c91843ac6d737e690e06

SHA-1:
3180572321d7901105f29a6b8091364fe508d915

SHA-256:
b0e802e37f9c566d7ed501c578d34f4684f90a17bc6fd88c9d9789c06afde405

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 11:43:22 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Downloader.TheSecurityTeam.Meta (M)
15.8.8.15

File size:
34.5 KB (35,328 bytes)

Product version:
1.0.1.1

Copyright:
Copyright © 2014 The Security Team

Original file name:
watchdog4.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\common files\wws\watchdog.exe

File PE Metadata
Compilation timestamp:
7/15/2015 9:58:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:NzBr6fSIdwzGcglk+F2I76LbNABHWQ5pejdwJgjbg4otHy1u/:Nzy4NAdWMcjbfy+u/

Entry address:
0x9F1E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
32 KB (32,768 bytes)

Service
Display name:
Windows Watchdog Service

Service name:
WatchdogService

Description:
Watch, repair and update windows services

Type:
Win32OwnProcess


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ml.pamela  (45.55.139.102:80)

TCP (HTTP SSL):
Connects to s3-1.amazonaws.com  (52.216.17.43:443)

Remove watchdog.exe - Powered by Reason Core Security