home

wowusbviruskiller-zh.exe

WowUSBVirusKiller

yftzeng

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.openfoundry.org.
Publisher:
yftzeng

Product:
WowUSBVirusKiller

Description:
WowUSBVirusKiller Setup

MD5:
3fc2ff4374dbd9b27f7165ddd9c46b6e

SHA-1:
0be586ce4db054b0053b26bc40571baa741a3541

SHA-256:
475420709659be9897b6c544523a57d50d16eeba80e6a577b3d3a86c9d342d9e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:28:39 AM UTC  (today)

File size:
13.9 MB (14,603,677 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:PPXQQsaB5qG0QQouoHwVuFc5ab0SJvS3M5Ywz:PfQQJQouvt203M5dz

Entry address:
0x9A58

Entry point:
89, FA, B4, EE, EB, 04, 84, F9, 29, F3, FE, C6, 4B, 8D, 05, 52, 5E, 17, B6, E8, 00, 00, 00, 00, 5F, 74, 02, 0F, CE, 80, DC, 42, F7, D8, 81, FD, 78, 54, 00, 00, 71, 02, B0, 8B, 12, E1, B8, B3, F3, FF, FF, 05, 4D, 0C, 00, 00, B8, E2, E6, 00, 00, 05, 86, 0C, 00, 00, 50, 5E, B8, 81, B5, 94, B6, 81, C6, A5, 06, 00, 00, 8B, C6, 0F, AF, C3, 8D, 05, DF, FE, FF, FF, 05, 21, 01, 00, 00, 03, C6, 8B, E8, 89, C0, 81, F8, 28, 66, 9D, 42, 81, F5, 1A, 57, 00, 00, F7, D0, 55, FF, C8, 5A, 76, 02, 86, C4, 81, F2, C5, 02, 00...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
36.5 KB (37,376 bytes)

The file wowusbviruskiller-zh.exe has been seen being distributed by the following URL.

http://www.openfoundry.org/of/download_path/usbviruskiller/.../WowUSBVirusKiller-zh.exe

Scan wowusbviruskiller-zh.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.