» wihchjepcxk.dll
Overview
Analysis
File Details

wihchjepcxk.dll

Acute Angle Solutions Ltd.

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser as well as modify the computer’s system settings that control applications to run on startup. Part of the Injekt brand of unwanted programs. The module wihchjepcxk.dll by Acute Angle Solutions has been detected as adware by 12 anti-malware scanners.

File name:

wihchjepcxk.dll

Publisher:

Acute Angle Solutions Ltd. (signed and verified)

MD5:

ecce1cf2d12c0ba0ec1cd257ea23419f

SHA-1:

78c367969263a175ad7b2209db02a3378de70a5c

SHA-256:

9e2ed26caf0e0bacd7ff40d8587cfcfcb62f531a915e737df20322f7642662bf

Scanner detections:

12 / 68

Status:

Adware

Explanation:

Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:

4/16/2024 9:22:05 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.PullUpdate

7.1.1

Avira AntiVirus

ADWARE/Adware.Gen

7.11.179.162

AVG

Acute

2015.0.3316

Baidu Antivirus

Adware.Win32.PullUpdate

4.0.3.141019

ESET NOD32

MSIL/Adware.PullUpdate.C application

7.0.302.0

G Data

Win32.Adware.AcuteAngle

14.10.24

K7 AntiVirus

Adware

13.184.13727

Malwarebytes

PUP.Optional.SafeWeb.A

v2014.10.19.09

Qihoo 360 Security

HEUR/QVM30.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.AcuteAngleSolutions.L

14.10.19.20

Sophos

Pull Update

4.98

VIPRE Antivirus

Threat.4784449

33706

File size:

1.1 MB (1,184,112 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\ProgramData\frzfnnl\dat\wihchjepcxk.dll

Digital Signature

Signed by:

Acute Angle Solutions Ltd.

Authority:

VeriSign, Inc.

Valid from:

1/31/2014 1:00:00 AM

Valid to:

2/1/2015 12:59:59 AM

Subject:

CN=Acute Angle Solutions Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Acute Angle Solutions Ltd., L=St. James, S=St. James, C=BB

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

0A7A77148C6F7A33F9174DA187F6FEF0

File PE Metadata

Compilation timestamp:

8/6/2014 1:14:47 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:PyKGghrn1/b5R6N1bT1xsVvoD0sL/IfjaMXxdzTK6W0A:jVx1jr6HbYsL/IfLX3TnW0A

Entry address:

0xB0734

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 42, C1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, D4, 80, 11, 10, 00, 74, 05, E9, 95, C1, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03... 
[+]

Code size:

818.5 KB (838,144 bytes)

Remove wihchjepcxk.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.