» Wallpaper.exe
Overview
Analysis
File Details

Wallpaper.exe

JOONGWON GAMES Co.,Ltd

The application Wallpaper.exe by JOONGWON GAMES Co.,Ltd has been detected as a potentially unwanted program by 18 anti-malware scanners.

File name:

Wallpaper.exe

Publisher:

宁波甬润网络有限公司 (signed by JOONGWON GAMES Co.,Ltd)

Description:

随心壁纸

Version:

1.0.0.10

MD5:

1f476f41bfa924c2ee4c21d8253c5bb2

SHA-1:

ec5db3a9c374e86509f3e0d4015b37876d4dcdd9

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 7:59:46 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Zusy.138406

AhnLab V3 Security

Trojan/Win32.Gen.C875005

3.8.1.16

Avira AntiVirus

ADWARE/SBYinYing.178432

8.3.3.4

AVG

Generic6

2018.0.2504

Bitdefender

Gen:Variant.Adware.Zusy.138406

1.0.20.45

Comodo Security

ApplicUnwnt

26152

Emsisoft Anti-Malware

Gen:Variant.Adware.Zusy.138406

8.17.01.09.12

ESET NOD32

Win32/Adware.SBYinYing (variant)

11.14486

Fortinet FortiGate

Riskware/SBYinYing

1/9/2017

F-Secure

Gen:Variant.Adware.Zusy

11.2017-09-01_2

IKARUS anti.virus

PUA.SBYinYing

t3scan.2.1.16.0

K7 AntiVirus

Adware

13.245.21587

McAfee

Artemis!1F476F41BFA9

5600.6160

MicroWorld eScan

Gen:Variant.Adware.Zusy.138406

18.0.0.27

NANO AntiVirus

Riskware.Win32.Agent.dpndfz

1.0.70.13328

Panda Antivirus

Generic Suspicious

17.01.09.12

Qihoo 360 Security

Trojan.Generic

1.0.0.1120

VIPRE Antivirus

Trojan.Win32.Generic

53968

File size:

174.3 KB (178,432 bytes)

Product version:

1.0.0.7

Original file name:

Wallpaper.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\Application data\z7wimgem\wallpaper.exe

Digital Signature

Signed by:

JOONGWON GAMES Co.,Ltd

Authority:

VeriSign, Inc.

Valid from:

2/27/2013 8:00:00 AM

Valid to:

2/28/2014 7:59:59 AM

Subject:

CN="JOONGWON GAMES Co.,Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="JOONGWON GAMES Co.,Ltd", L=Seongbuk-gu, S=Seoul, C=KR

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5FF4023F58DA20F9CA6DFB0F30A097BC

File PE Metadata

Compilation timestamp:

11/14/2014 7:32:07 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x1690F

Entry point:

E8, 5D, 06, 00, 00, E9, 49, FE, FF, FF, 3B, 0D, 18, 30, 42, 00, 75, 02, F3, C3, E9, 4F, 01, 00, 00, FF, 25, D4, A1, 41, 00, FF, 25, C8, A1, 41, 00, 83, 3D, 10, 3D, 42, 00, 00, 74, 03, 33, C0, C3, 56, 6A, 04, 6A, 20, FF, 15, 38, A1, 41, 00, 59, 59, 8B, F0, 56, FF, 15, 54, A0, 41, 00, A3, 10, 3D, 42, 00, A3, 0C, 3D, 42, 00, 85, F6, 75, 05, 6A, 18, 58, 5E, C3, 83, 26, 00, 33, C0, 5E, C3, 6A, 14, 68, C0, 03, 42, 00, E8, 04, 07, 00, 00, 83, 65, DC, 00, FF, 35, 10, 3D, 42, 00, 8B, 35, C4, A0, 41, 00, FF, D6, 89... 
[+]

Entropy:

6.5098

Code size:

100 KB (102,400 bytes)

Remove Wallpaper.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.