home

wiupdat.exe

The executable wiupdat.exe has been detected as malware by 5 anti-virus scanners.
MD5:
d4cbb9ea6bad826747a6a05fe6134fc0

SHA-1:
ca60e85c2eab0dafd2b2670479d15e4449a1443a

SHA-256:
8b79cff46f6c6f9b1c027d86a7a16da4a6dff3287ba8fdebb0672580646b1cd1

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/24/2024 8:18:33 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Trojan/Win32.Proxy
2014.09.02

Avira AntiVirus
TR/Downloader.A.4656
7.11.170.102

Baidu Antivirus
Trojan.Win32.Proxy
4.0.3.1491

ESET NOD32
Win32/TrojanProxy.Agent.NYE (variant)
8.10350

Malwarebytes
Backdoor.Bot.ED
v2014.09.01.08

File size:
58.5 KB (59,904 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\wiupdat.exe

File PE Metadata
Compilation timestamp:
8/31/2014 1:21:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
768:dPsUVTPf9wJpdmqoLTiuFYXyN3f5/zdHuTudnulc4dakaI+P6s1:txapdeLuuFnPFdHBdUc

Entry address:
0x1677

Entry point:
BF, 47, 18, 8A, 51, BE, 39, 84, 54, 8E, 8D, 0C, 3A, 81, C1, 3A, 87, B0, F7, 83, EA, 39, 2B, D1, 83, E9, 03, 81, FA, 4C, A3, 4A, 5B, 0F, 85, A3, 00, 00, 00, 81, FF, F9, F9, FF, FF, 0F, 84, 97, 00, 00, 00, 57, 50, 6A, 11, 6A, 00, FF, D0, 8B, C8, 2D, FF, 00, 00, 00, 83, C8, FD, 74, 61, 0B, C6, 83, C0, 01, 03, C7, 59, 85, C1, 7E, 15, 56, 57, B9, 03, 00, 00, 00, 66, 4B, 86, E0, 86, E2, 66, 4A, 74, 04, F7, D8, F7, D0, 55, 83, ED, 7E, 2B, EC, 2B, 44, 24, 08, 83, C4, 08, 51, 49, 74, 51, EB, ED, 58, FE, CD, 48, FE...
 
[+]

Entropy:
4.7656

Code size:
33.5 KB (34,304 bytes)

Remove wiupdat.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.