ws0df362b0.dat
Yu Bao
The file ws0df362b0.dat by Yu Bao has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from 113.171.224.245 and multiple other hosts.
MD5:
0221332260491341aead9a663083e4ac
SHA-1:
5642122a7cc837d7dd21a9ce623f2ea9f3c31e7a
Scanner detections:
1 / 68
Status:
Potentially unwanted
Analysis date:
11/5/2024 12:55:56 PM UTC (today)
Scan engine
Detection
Engine version
Reason Heuristics
PUP.YuBao (M)
16.1.6.0
File size:
1.4 MB (1,471,704 bytes)
Product version:
20151110204556
Copyright:
Copyright 2015 Rafotech. All rights reserved
Language:
English (United States)
Valid from:
10/20/2015 10:00:00 PM
Valid to:
10/20/2016 9:59:59 PM
Subject:
CN=Yu Bao, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN
Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US
Serial number:
17C6AE891D357C16ADC447794EA40FC5
The file ws0df362b0.dat has been seen being distributed by the following 5 URLs.
http://113.171.224.245/.../setup.exe
http://113.171.224.207/.../setup.exe
http://113.171.224.167/.../setup.exe