youwave android.exe

MD5:
b093917474a616a4bcaf5ce6cf508c92

SHA-1:
ff987fd2530c772ff5c0e74bc5f94e9caeb27df4

SHA-256:
2580056abd94d536b837a1b6c0cbfdc3c25b9f649f24b9de225ffb011e25ea2b

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/15/2024 12:33:42 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Trend Micro House Call | TROJ_GEN.F47V0409 | 7.2.109 |
| VIPRE Antivirus | Trojan.Win32.Packer.EnigmaProtector1.1X-1.3X | 28368 |

File size:
1.9 MB (1,950,416 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\youwave android\youwave android.exe

File PE Metadata
Compilation timestamp:
4/5/2014 2:15:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:2OQaN8Hml3dm4IWO42O2AujA8PAIuQtCAmCddM:qaN6mcI2O2DjvPAMqmdM

Entry address:
0x2BC8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 54, 1A, 5A, 00, B8, 37, AD, D2, F9, A1, CE, 7A, 01, 73, 22, F9, 68, 05, 71, 7D, 16, 47, BF, C2, 3D, 7B, AD, B5, 48, EC, 10, 8B, 8C, D9, 93, 6C, 81, AE, 94, 0B, F5, 98, BA, 68, 27, 37, 27, F1, 66, 8E, B4, B6, D2, AC, 22, 1F, 11, 18, D9, DF, 2C, 31, 92, D4, B0, 18, 22, F9, E5, B2, A1, 82, DB, 1C, 56, 5F, 63, 31, 86, 02, AD, 23, 38, 00, 6E, 46, 10, 66, 6C, 60, 34, 02, 19, B1, E6, FA, 77, 33, F9, 65, 33, 4A, 45, 5A...
 

Entropy:
7.8687

Developed / compiled with:
Microsoft Visual C++

Code size:
283 KB (289,792 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ip-166-62-39-39.ip.secureserver.net  (166.62.39.39:80)

TCP (HTTP):
Connects to hit-adult.opendns.com  (146.112.61.106:80)

TCP (HTTP):
Connects to www.turktelekom.com.tr  (195.175.118.150:80)

Scan youwave android.exe - Powered by Reason Core Security