wwe_1.60.101.4.exe

The application wwe_1.60.101.4.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from wajam-download.com.
MD5:
15c73d502a145a7dad9044ca3244102e

SHA-1:
77d3de75bb8e9d1f94da83a77640b6c4dd6be17b

SHA-256:
5270469a9b0de52ed4b63da2e82b9f07b2812237ebe876549c00cdafe0d0cf6c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 6:04:01 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Wajam (M)
16.7.24.18

File size:
4.3 MB (4,502,482 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\wwe_1.60.101.4.exe

File PE Metadata
Compilation timestamp:
11/2/2015 4:31:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:Y6l7ibY2oLI3eHAa4YTddpmpEyt+fre8CQ2/l/qVsf6/j1hzcSNln:Y6l7ibY2oLKeHjtmiy6e8CQ2/5q06j1d

Entry address:
0x2A0000

Entry point:
B9, 53, 94, 2F, 00, 90, 68, 18, 00, 6A, 00, 5F, 90, 68, 98, 05, 00, 00, 5E, 90, 31, 0C, 3E, 83, EE, 04, 75, F8, BB, E9, 2E, 00, 53, 94, 2F, 00, 53, 94, 6F, 00, 63, EF, 2F, 00, E3, 68, 6E, 00, 81, 97, 6D, 00, 53, 24, 2D, 00, 52, 94, 2F, 00, 33, 74, 6F, 00, 4D, 86, 6E, 00, 67, 86, 6E, 00, DB, 61, 2F, 00, 4F, 86, 2E, 00, 61, 86, 2E, 00, 33, 5C, 2F, 00, 4F, 86, 2E, 00, 61, 86, 2E, 00, 53, 94, 2F, 00, 53, 94, 2F, 00, 53, 94, 2F, 00, 53, 94, 2F, 00, A3, 74, 6F, 00, 53, 94, 2F, 00, 53, 94, 2F, 00, 53, 94, 2F, 00...
 
[+]

Entropy:
7.9964  (probably packed)

Code size:
49 KB (50,176 bytes)

The file wwe_1.60.101.4.exe has been seen being distributed by the following URL.

Remove wwe_1.60.101.4.exe - Powered by Reason Core Security