wow_helper.exe

Red Sky Sp. z o.o.

The application wow_helper.exe by Red Sky Sp. z o.o has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Red Sky Sp. z o.o.  (signed and verified)

MD5:
da63354408f927ee4df15a9de6447f90

SHA-1:
97764cb2e6f7ccb7249a580f777f4a8134475b2b

SHA-256:
34d528a0724d76e457024cd383f18755472ea8edd222084d1f021a0c48d88a3f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 7:58:21 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win64.Generic
16.11.2.23

File size:
71.6 KB (73,368 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\diglo\diglo\application\28.0.1479.334\installer\diglo-bin\wow_helper.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/27/2014 6:00:00 PM

Valid to:
3/28/2015 5:59:59 PM

Subject:
CN=Red Sky Sp. z o.o., OU=Red Sky, O=Red Sky Sp. z o.o., POBox=71-064, STREET=Aleja Piastow 22, L=Szczecin, S=zachodniopomorskie, PostalCode=71-064, C=PL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AF74AE06E658887C8B6B42539F3FA758

File PE Metadata
Compilation timestamp:
2/3/2009 1:16:59 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:Cf77+031ru/qpap4qUqm+rIqRqEp+85LQyi4hh+:WWo1/op4qUqfrIkb+aLQd

Entry address:
0x2430

Entry point:
48, 83, EC, 28, E8, E7, 45, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 60, 48, 8B, 05, B3, 9E, 00, 00, 48, 8B, DA, 48, 8D, 54, 24, 20, 48, 89, 02, 48, 8B, 05, A9, 9E, 00, 00, 48, 89, 42, 08, 48, 8B, 05, A6, 9E, 00, 00, 48, 89, 42, 10, 48, 8B, 05, A3, 9E, 00, 00, 48, 89, 42, 18, 48, 8B, 05, A0, 9E, 00, 00, 48, 89, 42, 20, 48, 8B, 05, 9D, 9E, 00, 00, 48, 89, 42, 28, 48, 8B, 05, 9A, 9E, 00, 00, 48, 89, 42, 30, 48, 8B, 05, 97, 9E, 00...
 
[+]

Entropy:
6.1970

Code size:
42 KB (43,008 bytes)

Remove wow_helper.exe - Powered by Reason Core Security