wow_helper.exe

Firefox

Mengmeng Wang

The application wow_helper.exe by Mengmeng Wang has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Mozilla Foundation  (signed by Mengmeng Wang)

Product:
Firefox

Version:
51.0

MD5:
a0ba418b010730daaab594c0bbbc0f38

SHA-1:
5fb6098848d391d13044faf189eb563b7c329e1f

SHA-256:
831c60c496be10c0fa2a89dc5fb846f193041349f1f6a4ee20cef6e947d4d6d1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 5:06:33 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Elex.MW (M)
17.3.16.10

File size:
95.7 KB (97,976 bytes)

Product version:
51.0

Copyright:
License: MPL 2

Trademarks:
Mozilla

Original file name:
wow_helper.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\firefox\wow_helper.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
10/13/2016 5:00:00 PM

Valid to:
10/13/2017 4:59:59 PM

Subject:
CN=Mengmeng Wang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
57FCDAB4B0C6202BC89A0DDD4A742960

File PE Metadata
Compilation timestamp:
3/15/2017 7:57:57 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x1930

Entry point:
48, 83, EC, 28, E8, 6B, 04, 00, 00, 48, 83, C4, 28, E9, 82, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, EB, 21, 48, 8B, CB, E8, 9D, 30, 00, 00, 85, C0, 75, 12, 48, 83, FB, FF, 75, 07, E8, 92, 09, 00, 00, EB, 05, E8, 6B, 09, 00, 00, 48, 8B, CB, E8, F3, 30, 00, 00, 48, 85, C0, 74, D5, 48, 83, C4, 20, 5B, C3, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 33, C9, FF, 15, BF, B6, 00, 00, 48, 8B, CB, FF, 15, AE, B6, 00, 00, FF, 15, B8, B6, 00, 00, 48, 8B, C8, BA, 09, 04, 00, C0, 48, 83, C4, 20, 5B, 48, FF, 25...
 
[+]

Entropy:
5.9577

Code size:
43.5 KB (44,544 bytes)

Remove wow_helper.exe - Powered by Reason Core Security