wwe_1.61.101.14.exe

The application wwe_1.61.101.14.exe has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.bellechassetechnology.com.
MD5:
e1e2149a2ba4ee0a16a528cde7e91bef

SHA-1:
bcce5e637166757bc0fd6e084dc0239c19f410b4

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 7:40:00 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SaliCode
160216-3

McAfee
Virus.W32/Sality.gen.z
18.0.204.0

Reason Heuristics
Adware.Wajam (M)
16.7.24.20

File size:
4.3 MB (4,550,968 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\wwe_1.61.101.14.exe

File PE Metadata
Compilation timestamp:
1/28/2016 1:45:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:ugBWMTiFgTpLu64qiqkWQ3a0HyGfu/ValPJ6+CokD7OH:RC2Ju64//JyG2tAJ6jJDqH

Entry address:
0x9EC0

Entry point:
60, BB, 9A, 9D, B9, 20, 1A, C3, 0F, BE, DA, 68, 8B, 16, 2A, 00, 22, FC, EB, 05, 08, C2, 0F, AF, DE, 51, 68, F3, A2, 92, 00, C7, C7, 62, 9C, 76, 2C, 81, FD, 9B, E2, 00, 00, 71, 03, 4F, 30, F3, 0F, BF, C9, F2, 49, E8, 20, 00, 00, 00, F7, C7, 78, 9D, F8, D1, 84, DB, 8A, CC, EB, 08, 8B, C8, 69, FD, E0, CD, 47, A8, 8B, EF, 30, C5, 21, F1, 03, C5, 89, C6, 8B, CA, EB, 02, 87, D2, 81, FA, FA, 2F, BA, 2B, 48, 87, EA, 8B, D1, F2, 8B, DA, 77, 0B, 0F, AF, FB, F7, C3, D6, 09, 5C, C9, 89, D2, 6B, C0, 00, 88, D9, 0F, AF...
 
[+]

Code size:
58 KB (59,392 bytes)

The file wwe_1.61.101.14.exe has been seen being distributed by the following URL.

Remove wwe_1.61.101.14.exe - Powered by Reason Core Security