» wdcservice64.exe
Overview
Analysis
File Details
Behaviors (1)
Network (1)

wdcservice64.exe

It runs as a separate (within the context of its own process) windows Service named “WDCService”.

File name:

wdcservice64.exe

MD5:

33717dfdfe76c4da8531763ddbc35c59

SHA-1:

591b24c0681240fefc3d0db2fe2764eb3fb1ddcd

SHA-256:

31cf13ca5ffe6380ae77bc65c9728a612f8182c01a42aa2c9667995931caff16

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

12/26/2024 3:16:13 AM UTC (today)

Scan engine

Detection

Engine version

VIPRE Antivirus

VirTool.Win32.Obfuscator.XZ

24898

File size:

722 KB (739,328 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\Program Files\easypc cleaner free\wdcservice64.exe

File PE Metadata

Compilation timestamp:

9/16/2013 8:12:42 PM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:LKSdJJjH7VAl87aRSENty7RIaobmiijzr+mr/j6QVuLgApBQRVUEQeN0aM0Q7wTO:+SPJjH7VAlNRSf7RIfb1ijdCfLlm5Qex

Entry address:

0x77CABC

Entry point:

68, F1, FF, 11, FA, E8, F2, B9, 0A, 00, 68, D0, FF, 11, FB, E8, 46, B2, 0A, 00, 39, 40, 8A, A7, 90, 0F, 84, 8B, 03, 00, 00, E9, 0C, 74, 00, 00, 00, 00, 44, 69, 73, 70, 61, 74, 63, 68, 4D, 65, 73, 73, 61, 67, 65, 57, 00, 00, 00, 47, 65, 74, 53, 79, 73, 74, 65, 6D, 4D, 65, 74, 72, 69, 63, 73, 00, 00, 00, 6C, 73, 74, 72, 63, 70, 79, 41, 00, F9, F5, 83, FB, 03, E9, 44, 69, 00, 00, 0F, 83, 3F, 99, 0A, 00, 66, F7, C1, E9, CC, F8, F9, E9, C0, 85, 0A, 00, 66, 0F, B6, E9, 66, F7, D5, 5D, C3, 38, CD, 90, 2C, 42, 0F... 
[+]

Entropy:

7.8385 (probably packed)

Code size:

8.2 MB (8,553,472 bytes)

Service

Display name:

WDCService

Type:

Win32OwnProcess

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to sg2nlhg70c1003.shr.prod.sin2.secureserver.net (182.50.135.128:80)

Scan wdcservice64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.