home

wf.exe

WildFire Online Client

NetEase(Hangzhou) Network Co. Ltd.

Publisher:
Netease  (signed by NetEase(Hangzhou) Network Co. Ltd.)

Product:
WildFire Online Client

Version:
1, 0, 0, 1

MD5:
2342f6af4d899fb54a71fb8e2bcf25d0

SHA-1:
f67d386149403e3ecf0a62051827c327e419e23e

SHA-256:
1ae0030c757ae86e0a53cb73f4322a33d69d130a628c5facde23d336232128bb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 4:23:17 AM UTC  (today)

File size:
14.5 MB (15,162,424 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright ?2014

Original file name:
wf.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\wf.exe

Digital Signature
Signed by:
NetEase(Hangzhou) Network Co. Ltd.

Authority:
Symantec Corporation

Valid from:
2/27/2016 8:00:00 AM

Valid to:
2/27/2019 7:59:59 AM

Subject:
CN=NetEase(Hangzhou) Network Co. Ltd., OU=NetEase(Hangzhou), O=NetEase(Hangzhou) Network Co. Ltd., L=zhejiang, S=hangzhou, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
36FDED94E8651EFB63DEF58687F9CC0D

File PE Metadata
Compilation timestamp:
3/15/2017 6:39:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x2A7D000

Entry point:
56, 50, 53, E8, 01, 00, 00, 00, CC, 58, 89, C3, 40, 2D, 00, 70, 23, 00, 2D, 7C, 49, CA, 06, 05, 73, 49, CA, 06, 80, 3B, CC, 75, 19, C6, 03, 00, BB, 00, 10, 00, 00, 68, B4, 10, 06, 62, 68, 75, A4, 20, 2D, 53, 50, E8, 0A, 00, 00, 00, 83, C0, 00, 89, 44, 24, 08, 5B, 58, C3, 55, 89, E5, 50, 53, 51, 56, 8B, 75, 08, 8B, 4D, 0C, C1, E9, 02, 8B, 45, 10, 8B, 5D, 14, 85, C9, 74, 0A, 31, 06, 01, 1E, 83, C6, 04, 49, EB, F2, 5E, 59, 5B, 58, C9, C2, 10, 00, 5E, 50, B4, 97, 08, C1, B4, 5A, E6, A4, C2, 01, C0, 00, AA, 2B...
 
[+]

Entropy:
7.9863  (probably packed)

Code size:
23.3 MB (24,459,776 bytes)

Scan wf.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.