home

wbfupdate.exe

IPO Communications

The executable wbfupdate.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
IPO Communications  (signed and verified)

Version:
1.1.0.1

MD5:
6d20cb2768aab8af26cee5748b9b2098

SHA-1:
3ad3c035f7bcce3b5fb88aea371db2201eaf5e04

SHA-256:
05180527318a987c17d1df8ee511fa7707949b1aa7c7a34a7fa42d5c9010cb28

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/18/2024 9:00:50 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.21.18

File size:
589.2 KB (603,304 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\windowsbooster\wbfupdate.exe

Digital Signature
Signed by:
IPO Communications

Authority:
COMODO CA Limited

Valid from:
6/29/2012 9:00:00 AM

Valid to:
6/30/2013 8:59:59 AM

Subject:
CN=IPO Communications, O=IPO Communications, STREET="504 Freebero Officetel,15-14 Yeouido-dong", L=Yeongdeungpo-gu, S=Seoul, PostalCode=150010, C=KR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
073D112E1D1FEE4840ABCE47AAB412AE

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x7B844

Entry point:
55, 8B, EC, 83, C4, F0, B8, 9C, B4, 47, 00, E8, 58, AF, F8, FF, A1, A4, E3, 47, 00, 8B, 00, E8, 38, D1, FD, FF, A1, A4, E3, 47, 00, 8B, 00, BA, A4, B8, 47, 00, E8, 0F, CD, FD, FF, 8B, 0D, 44, E5, 47, 00, A1, A4, E3, 47, 00, 8B, 00, 8B, 15, 54, AB, 47, 00, E8, 27, D1, FD, FF, A1, A4, E3, 47, 00, 8B, 00, E8, 9B, D1, FD, FF, E8, 0A, 8B, F8, FF, 00, 00, FF, FF, FF, FF, 09, 00, 00, 00, 57, 42, 46, 55, 70, 64, 61, 74, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6081

Developed / compiled with:
Microsoft Visual C++

Code size:
490.5 KB (502,272 bytes)

Remove wbfupdate.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.