wordweb6.exe

WordWeb Software

This is a setup program which is used to install the application. This file is installed with the program WordWeb. The file has been seen being downloaded from ec.ccm2.net and multiple other hosts.
Publisher:
WordWeb Software  (signed and verified)

MD5:
74b3b0ad88a3523914fae48a9ddcda19

SHA-1:
ba19516910c865e44879db11697425c5c7ae6733

SHA-256:
ba6e777895d98eb5602b4cc249aa95fc4b14ed069d1c71c57d5b8458350df518

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/25/2024 12:46:17 AM UTC  (today)

Scan engine
Detection
Engine version

NANO AntiVirus
Trojan.Win32.Induc.brmeva
0.28.0.58873

Rising Antivirus
PE:Trojan.Win32.Generic.12F923D8!318317528
23.00.65.14409

File size:
19.1 MB (20,001,584 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\wordweb6.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
2/21/2011 5:00:00 PM

Valid to:
2/21/2014 4:59:59 PM

Subject:
CN=WordWeb Software, O=WordWeb Software, STREET=10 Southdown Avenue, L=Brighton, S=Brighton, PostalCode=BN1 6EG, C=GB

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
427859AEB362FAA9CAA9324FE90F1737

File PE Metadata
Compilation timestamp:
10/13/2011 2:07:21 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:1qGxBVUh8C8JGZYZ37WnEs5LX2IjZ6seE56pP6+4GY:1BVUh8t7WEcLmAxDOrY

Entry address:
0xB3D6

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, 70, 2D, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, A3, A1, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, CC, A6, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 40, 32, 41, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 44, 32, 41, 00, 8D, 45, E4...
 
[+]

Entropy:
7.9987  (probably packed)

Code size:
70.5 KB (72,192 bytes)

The file wordweb6.exe has been discovered within the following program.

WordWeb  by WordWeb Software
WordWeb is an international English dictionary and thesaurus program based on the WordNet database. The program is activated by holding down CTRL and right-clicking on a word in almost any program. This opens the WordWeb main window, with definitions and other help.
wordweb.info
5% remove it
 
Powered by Should I Remove It?

The file wordweb6.exe has been seen being distributed by the following 5 URLs.

http://ec.ccm2.net/www.commentcamarche.net/download/.../wordweb6.exe

Scan wordweb6.exe - Powered by Reason Core Security