» wordus.exe
Overview
Analysis
File Details
Programs (1)

wordus.exe

ITVA Limited Liability Company

The application wordus.exe by ITVA Limited Liability Company has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Wordus by ITVA LLC.

File name:

wordus.exe

Publisher:

ITVA Limited Liability Company (signed and verified)

Version:

1.1.6.0

MD5:

f9f988b9d2b462b24e96db99320c0492

SHA-1:

6549b7233b9b8432cc924685adc20e889f81ad61

SHA-256:

cedb63e11582f3badb409d91cfea66090b8b1b26d027ce5e1d6bc22e360cb04b

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/14/2024 6:43:23 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ITVALimi (M)

16.6.9.9

File size:

12.6 MB (13,194,336 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\wordus\wordus.exe

Digital Signature

Signed by:

ITVA Limited Liability Company

Authority:

Symantec Corporation

Valid from:

6/19/2015 3:00:00 AM

Valid to:

6/19/2016 2:59:59 AM

Subject:

CN=ITVA Limited Liability Company, O=ITVA Limited Liability Company, L=Saint-Petersburg, S=Saint-Petersburg, C=RU, SERIALNUMBER=1107847001591, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=RU

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

6C4A84526DCED5358913EBDBAAEDF729

File PE Metadata

Compilation timestamp:

10/27/2015 12:57:45 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:sz7rcHY1kwbgirP5p7T5XaA5+TqB6t4KI/JkGkgNc8yg7tskyo1gvIWwCKhAGs9+:qoHY1XPv7VYt/qJB+8lahIWw/+E

Entry address:

0x960F74

Entry point:

55, 8B, EC, 83, C4, E8, 53, 56, 57, 33, C0, 89, 45, EC, 89, 45, E8, B8, 28, AB, D4, 00, E8, 2D, F3, 6A, FF, 8B, 1D, 00, 0F, D8, 00, 8B, 35, D4, 09, D8, 00, 33, C0, 55, 68, 80, 11, D6, 00, 64, FF, 30, 64, 89, 20, 6A, 00, A1, 74, 06, D8, 00, 8B, 00, B9, 9C, 11, D6, 00, BA, B4, 11, D6, 00, 8B, 38, FF, 57, 08, 6A, 00, 6A, 03, A1, 18, 01, D8, 00, 8B, 00, 50, 68, D8, 11, D6, 00, 68, EC, 11, D6, 00, 6A, 01, 33, C9, B2, 01, A1, 98, 79, D2, 00, E8, 7D, 79, FC, FF, 89, 03, 8B, 03, 05, D0, 00, 00, 00, 8B, 15, C0, FF... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

9.4 MB (9,830,912 bytes)

The file wordus.exe has been discovered within the following program.

Wordus by ITVA LLC

35% remove it

Remove wordus.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.