home

WordSurferAutoUpdateClient.exe

Word Surfer AutoUpdate Client

Word Surfer

The application WordSurferAutoUpdateClient.exe by Word Surfer has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in.
Publisher:
Word Surfer  (signed and verified)

Product:
Word Surfer AutoUpdate Client

Version:
1.10.0.19

MD5:
85fcb2ebd224e405c181dad61e6bb184

SHA-1:
201d810e0fb0ea02b50c7a0781501484b2f0c3c4

SHA-256:
704cab2f27063cb80d3b125d624ec88cad9ad0c3183694ec98e65c99c2707661

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 3:43:56 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InfoAtoms.WordSurf (M)
16.6.24.12

File size:
62.1 KB (63,576 bytes)

Product version:
1.10.0.19

Copyright:
Copyright (C) 2015

Original file name:
WordSurferAutoUpdateClient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\wordsurfer_1.10.0.19\update\wordsurferautoupdateclient.exe

Digital Signature
Signed by:
Word Surfer

Authority:
GlobalSign nv-sa

Valid from:
5/22/2015 5:08:13 PM

Valid to:
5/22/2017 5:08:13 PM

Subject:
E=support@wordsurferapp.com, CN=Word Surfer, O=Word Surfer, L=San Diego, S=California, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11210C893E7E550A09401D54C5EAE1F196D5

File PE Metadata
Compilation timestamp:
6/15/2015 7:28:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:tkvCFurhRfkFOIwwwwwwwwBcJu4jnuQpMeFs:tkvCFurh5WOKcJJjusMeFs

Entry address:
0xF4DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
53.5 KB (54,784 bytes)

Scheduled Task
Task name:
WordSurfer Auto Updater 1.10.0.19 Core

Trigger:
Logon (Runs on logon)

Description:
WordSurfer Auto Updater 1.10.0.19 Core


Remove WordSurferAutoUpdateClient.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.