home

wd8BB.exe

windata black box 8

windata GmbH u. Co.KG

Publisher:
windata GmbH & Co.KG  (signed by windata GmbH u. Co.KG)

Product:
windata black box 8

Version:
8.05.0046

MD5:
e4155fbf3cdc12887ff3e409076be65c

SHA-1:
fb731845d8b91579e80df2a7a5cd17c9031c0a6f

SHA-256:
d04ccfc7e55f804831152d7676e066d95d293439970aa32d45f40db555972b73

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/26/2024 11:18:19 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Dr.Web
BACKDOOR.Trojan
9.0.1.0313

File size:
4.5 MB (4,716,624 bytes)

Product version:
8.05.0046

Copyright:
© Copyright by windata GmbH & Co.KG

Trademarks:
windata ist eine eingetragene Marke der windata GmbH & Co.KG

Original file name:
wd8BB.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Digital Signature
Signed by:
windata GmbH u. Co.KG

Authority:
GlobalSign nv-sa

Valid from:
4/22/2010 2:48:55 PM

Valid to:
4/22/2013 2:48:51 PM

Subject:
E=info@windata.de, CN=windata GmbH u. Co.KG, O=windata GmbH u. Co.KG, L=Kisslegg, S=Baden-Wuerttemberg, C=DE

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012825C71D02

File PE Metadata
Compilation timestamp:
8/30/2012 12:31:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:pjlqlGiqg972S+zHH55jWrbdBbas5D8l83SC/uPIubCTEBgvea403Jglpcg7N:Jg972S+zHH55jWrbdBbas5D8l83SC/uD

Entry address:
0x9734

Entry point:
68, 00, 49, 41, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, C1, BB, 2C, 6E, 32, B7, 8A, 49, A9, C2, BC, 35, 35, 61, 79, 77, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 47, 00, 84, 52, 83, 01, 77, 64, 38, 62, 62, 00, A8, 00, 00, 00, 00, 00, FF, CC, 31, 00, 18, 97, 5D, 1F, F5, 95, EE, 80, 47, A3, C7, 98, B4, 3B, C5, 51, 55, F4, 55, DA, 99, B7, 59, B7, 4E, 9C, 05, B7, C6, F3, 75, BF, 1B, 72, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
4.4 MB (4,657,152 bytes)

Scan wd8BB.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.