» ws0fd67360.dat
Overview
Analysis
File Details

ws0fd67360.dat

Download Manager

DM

The file ws0fd67360.dat, “Download Manager Setup ” has been detected as a potentially unwanted program by 19 anti-malware scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source.

File name:

ws0fd67360.dat

Publisher:

Product:

Download Manager

Description:

Download Manager Setup

MD5:

27f48ebb59477e988cf7fe197f093d9e

SHA-1:

0be7b51f75acc35295c24c5664cb1df8b885b941

SHA-256:

dbddf4c84125a624a3e2c96b350ae4dfd8d877b5477850731efc029eb171de21

Scanner detections:

19 / 68

Status:

Potentially unwanted

Analysis date:

11/8/2024 7:42:40 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Eorezo.BZ

766

Avira AntiVirus

Adware/EoRezo.400932

7.11.198.70

avast!

Win32:Adware-ASG [PUP]

2014.9-141231

Baidu Antivirus

Adware.Win32.EoRezo

4.0.3.141231

Bitdefender

Adware.Eorezo.BZ

1.0.20.1825

Emsisoft Anti-Malware

Adware.Eorezo.BZ

8.14.12.31.12

ESET NOD32

Win32/Adware.EoRezo.AS

8.10934

Fortinet FortiGate

Riskware/EoRezo

12/31/2014

F-Secure

Adware.Eorezo.BZ

11.2014-31-12_4

G Data

Adware.Eorezo.BZ

14.12.24

IKARUS anti.virus

PUA.EoRezo

t3scan.1.8.5.0

K7 AntiVirus

Adware

13.188.14468

McAfee

Artemis!27F48EBB5947

5600.6900

MicroWorld eScan

Adware.Eorezo.BZ

15.0.0.1095

nProtect

Adware.Eorezo.BZ

14.12.26.01

Sophos

Generic PUA AL

4.98

Trend Micro House Call

TROJ_GEN.R047H09KP14

7.2.365

VIPRE Antivirus

Tuto4PC

36142

Zillya! Antivirus

Adware.EoRezo.Win32.1

2.0.0.2018

File size:

391.5 KB (400,932 bytes)

Product version:

1.0

Installer:

Inno Setup

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:1/QiQPNGxnCI1y+YgBpl7+hCnaTxUKsE9ceJRvcj68xhxXqo7V5/q/hAUfB:NQiGNGBlKhC2Iqjzva6WXd55yGMB

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9121

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

Remove ws0fd67360.dat - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.