home

wie_2.19.2.6.exe

Plateau-Technologies.com

The executable wie_2.19.2.6.exe has been detected as malware by 1 anti-virus scanner. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is typically installed with the program Open Downloader Manager by Installer Technology Co which is a potentially unwanted software program. The file has been seen being downloaded from www.wajam-download.com and multiple other hosts.
Publisher:
Plateau-Technologies.com  (signed and verified)

MD5:
3327faeb58ad102fff94cb92d7a6801b

SHA-1:
5e51ebd5a477d34220d19ac9a29a810486e06e70

SHA-256:
7e4b0e2e23848cc4a350f018ff2746281db5b1ab0764bd34c8a25f78c006bbfe

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
1/11/2025 8:50:32 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.5.12

File size:
2.5 MB (2,658,848 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\wie_2.19.2.6.exe

Digital Signature
Signed by:
Plateau-Technologies.com

Authority:
Thawte, Inc.

Valid from:
12/1/2014 1:00:00 AM

Valid to:
12/2/2015 12:59:59 AM

Subject:
CN=Plateau-Technologies.com, O=Plateau-Technologies.com, L=Montreal, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
69B4C4F472644271AC11DE6EBF7AD642

File PE Metadata
Compilation timestamp:
12/5/2009 11:53:18 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:lg0v0G4sSXxOImR75EBOK2d0ouLGaZsCuOGljopZENnXQn5csux:JvSXsImpKXvRuVljopZZ5cn

Entry address:
0x36A0

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 88, A7, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 53, FF, 15, 88, 82, 40, 00, 6A, 08, A3, B8, 63, 42, 00, E8, EE, 2E, 00, 00, A3, 04, 63, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, B0, 0C, 42, 00, FF, 15, 58, 81, 40, 00, 68, 10, A8, 40, 00, 68, 00, 5B, 42, 00, E8, F4, 29, 00, 00, FF, 15, B0, 80, 40, 00, BF, 00, C0, 42, 00, 50, 57, E8, E2, 29, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

The file wie_2.19.2.6.exe has been discovered within the following program.

Open Downloader Manager  by Installer Technology Co
ODM is a download manager that plugs into various web browsers (IE, Chrome and Firefox). The installer is designed to bundle and offer various additional offers including toolbars and other potentially harmful programs.
opendownloadmanager.com
73% remove it
 
Powered by Should I Remove It?

The file wie_2.19.2.6.exe has been seen being distributed by the following 3 URLs.

http://www.wajam-download.com/.../WIE_2.19.2.6.exe

http://wajam-download.com/.../WIE_2.19.2.6.exe

http://install-apps.com/.../WIE_2.19.2.6.exe

Remove wie_2.19.2.6.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.