client.exe

Internet Widgits Pty Ltd

The application client.exe by Internet Widgits Pty has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Internet Widgits Pty Ltd  (signed and verified)

MD5:
15fd0a18d1ee1fc7ca3d59960ab67d5d

SHA-1:
7b1e83af3b51a8f2289fefcad4f89db856b27bdb

SHA-256:
0c3a764b277a00c7e0866b5d11971ce61163c57a72acfdcb980735468b9e059f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/26/2024 10:46:15 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.10.19.3

File size:
5.3 MB (5,582,336 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\екей трансфер\client.exe

Digital Signature
Authority:
Internet Widgits Pty Ltd

Valid from:
7/7/2011 1:43:33 AM

Valid to:
4/2/2014 1:43:33 AM

Subject:
E=null@example.org, CN=sm.dandot.net, O=Internet Widgits Pty Ltd, S=Some-State, C=RU

Issuer:
E=null@example.org, CN=sm.dandot.net, O=Internet Widgits Pty Ltd, S=Some-State, C=RU

Serial number:
00975B1FAC37F17760

File PE Metadata
Compilation timestamp:
3/27/2013 10:20:05 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:jQtMl1Aor+GUfozsVllhoVSwb/LSipOQczVQwgZSv2Ukg3LN6d8A:jQtclr+GUfozs30J/mipOVQwgZSvyg3U

Entry address:
0x30AD16

Entry point:
E8, 53, 09, 00, 00, E9, D7, FC, FF, FF, 3B, 0D, 20, 7C, 92, 00, 75, 02, F3, C3, E9, D5, 09, 00, 00, 8B, 00, 81, 38, 63, 73, 6D, E0, 74, 03, 33, C0, C3, E9, C9, 0A, 00, 00, 6A, 14, 68, D0, E5, 8C, 00, E8, 0B, 06, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 7D, 0A, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF...
 

Entropy:
6.8591

Code size:
3.3 MB (3,446,272 bytes)
