chew-wga.exe

Chew-WGA v0.9

Anemeros Software

The application chew-wga.exe, “The Perpetuation Endeavor”, has been detected as a potentially unwanted program by 23 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www28.zippyshare.com and multiple other hosts. While running, it connects to the Internet address moscow.cdnmail.ru on port 80 using the HTTP protocol.
Publisher:
Anemeros Software

Product:
Chew-WGA v0.9

Description:
The Perpetuation Endeavor

Version:
0.9.0.0

MD5:
6738d790fc0f3928a8a5f19d829cae4d

SHA-1:
db0a727520178061506c7ec07a99bac581610329

SHA-256:
60ca507ef4ba7dbbb7ef6ea4b975b9b09a24d7d0c91d38d0876331203f962d98

Scanner detections:
23 / 68

Status:
Potentially unwanted

Analysis date:
4/23/2024 3:25:54 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | HackTool.WinActivator | 7.1.1 |
| AhnLab V3 Security | Win-AppCare/Wpakill.M.9458428 | 2013.12.24 |
| avast! | Win32:PUP-gen [PUP] | 2014.9-131223 |
| AVG | Tool_c.M | 2014.0.3616 |
| Dr.Web | Tool.Wpakill.4 | 9.0.1.0357 |
| ESET NOD32 | Win32/HackTool.WinActivator | 7.9190 |
| F-Prot | W32/Backdoor2.HMEE | v6.4.7.1.166 |
| IKARUS anti.virus | possible-Threat.HackTool.Wpakill | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.174.10588 |
| Malwarebytes | Hacktool.ChewWGA | v2013.12.23.03 |
| McAfee | Crack-WindowsWGA.b | 5600.7272 |
| Microsoft Security Essentials | HackTool:Win32/Wpakill.C | 1.165.247.01 |
| MicroWorld eScan | HackTool:Win32/Wpakill.C | 14.0.0.1071 |
| NANO AntiVirus | Riskware.Win32.Wpakill.vrveq | 0.28.0.57029 |
| Norman | Suspicious_Gen2.SIJEP | 11.20131223 |
| nProtect | Trojan/W32.Agent.9458428 | 13.12.23.01 |
| Reason Heuristics | Unnamed.Threat.24 | 14.3.3.12 |
| Rising Antivirus | PE:Trojan.Agent!6.566 | 23.00.65.131221 |
| Sophos | Generic PUA NL | 4.96 |
| Trend Micro House Call | HKTL_WPAKILL | 7.2.357 |
| Trend Micro | TROJ_GEN.F0C2C00JH13 | 10.465.23 |
| VIPRE Antivirus | Trojan.Win32.Generic | 24664 |
| ViRobot | Trojan.Win32.S.Agent.9458428 | 2011.4.7.4223 |

File size:
9 MB (9,458,428 bytes)

Product version:
0.9.0.0

Copyright:
Copyright (c) 2009 - Anemeros Software

Trademarks:
Chew-WGA

Original file name:
cw.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\chew-wga.exe

File PE Metadata
Compilation timestamp:
6/23/2009 6:57:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:9O1vl2I4a7SdzRDymXLa4mnb0DtUog3jCUE2nKNfMILF9UBDHLSwxT1aQhS:Wt2O7Sd1ymX+4mnOU9+UCZM6kzWu12

Entry address:
0x173A6

Entry point:
55, 8B, EC, 6A, FF, 68, 90, 2C, 43, 00, 68, C4, BE, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, AC, 01, 43, 00, 33, D2, 8A, D4, 89, 15, A0, 0A, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 9C, 0A, 44, 00, C1, E1, 08, 03, CA, 89, 0D, 98, 0A, 44, 00, C1, E8, 10, A3, 94, 0A, 44, 00, 6A, 01, E8, 45, 38, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 86, 1A, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 

Entropy:
7.9657

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
188 KB (192,512 bytes)

The file chew-wga.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 329 download URLs

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to moscow.cdnmail.ru (94.100.180.110:80)
