home

ws182fbc00.dat

4687_2sq_oursurfing

Yuxin WANG

The file ws182fbc00.dat by Yuxin WANG has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from d2drfrdurj6mvo.cloudfront.net.
Publisher:
Portmon/EE  (signed by Yuxin WANG)

Product:
4687_2sq_oursurfing

Description:
Portmon/EE

Version:
7.0.1.12

MD5:
ee2f6c6431bd10f391967b0bccaca2a7

SHA-1:
adba74e3fcaafd2bcf6ce6c7b5224d4f8bb27a87

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
2/7/2026 8:01:11 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ELEX.YuxinWANG (M)
15.8.31.13

File size:
311.7 KB (319,224 bytes)

Product version:
7.0.1.12

Copyright:
Portmon/EE

Original file name:
portmon.exe

Language:
English (United Kingdom)

Digital Signature
Signed by:
Yuxin WANG

Authority:
thawte, Inc.

Valid from:
8/30/2015 5:00:00 PM

Valid to:
8/12/2017 4:59:59 PM

Subject:
CN=Yuxin WANG, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
251A39265BC12DE8C796F69FA27B9D75

The file ws182fbc00.dat has been seen being distributed by the following URL.

http://d2drfrdurj6mvo.cloudfront.net/.../2sq_oursurfing.exe

Remove ws182fbc00.dat - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.