jpjwatcher.exe

It is set to execute automatically when any user logs into Windows, through a Run registry entry named 'JPJWatcher'.
MD5:
0cbd00b94a7aaf5203b81a272b288bfe

SHA-1:
ee57cfd53318e0abb01f74b73e5e3aabcd9ef2d6

SHA-256:
5904707845e6357705d90f646763991c79565e018c1000b594299633e2ba307f

Scanner detections:
2 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
12/20/2025 8:57:37 AM UTC

Scan engine       Detection         Engine version
Comodo Security   Heur.Suspicious   12735
Dr.Web            DLOADER.Trojan    9.0.1.012

File size:
189 KB (193,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\mattel\watcher\jpjwatcher.exe

File PE Metadata
Compilation timestamp:
1/12/2009 12:32:36 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:/pXEFVB9zxK6Adn+/XMUnKff/XyFuXcjw1bnTVG3Uvkuzvdr5Iojs7/QcvHxplaC:/pJDQ/XPIHCB0tVtNzvN5IoGZRpl1z

Entry address:
0x7DC8

Entry point:
E8, 7E, 6D, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 60, 98, 43, 00, 89, 0D, 5C, 98, 43, 00, 89, 15, 58, 98, 43, 00, 89, 1D, 54, 98, 43, 00, 89, 35, 50, 98, 43, 00, 89, 3D, 4C, 98, 43, 00, 66, 8C, 15, 78, 98, 43, 00, 66, 8C, 0D, 6C, 98, 43, 00, 66, 8C, 1D, 48, 98, 43, 00, 66, 8C, 05, 44, 98, 43, 00, 66, 8C, 25, 40, 98, 43, 00, 66, 8C, 2D, 3C, 98, 43, 00, 9C, 8F, 05, 70, 98, 43, 00, 8B, 45, 00, A3, 64, 98, 43, 00, 8B, 45, 04, A3, 68, 98, 43, 00, 8D, 45, 08, A3, 74, 98, 43...
 

Entropy:
6.0997

Code size:
84.5 KB (86,528 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
JPJWatcher

Command:
C:\ProgramData\mattel\watcher\jpjwatcher.exe

