wwtask.exe

Trauma Zer0

Aleste Participacoes e Empreendimentos Ltda

The executable wwtask.exe, “Trauma Zer0 Network Agent Core”, has been detected as malware by 14 anti-virus scanners. It runs as a Windows service named “Network Agent Driver Tz0”.
Publisher:
Aleste Technology (signed by Aleste Participacoes e Empreendimentos Ltda)

Product:
Trauma Zer0

Description:
Trauma Zer0 Network Agent Core

Version:
2.0.0.5

MD5:
fec908fec24670efa45d586e4498ec1e

SHA-1:
28081ddaeae9d33fd0f334912fcc4d3633d120b0

SHA-256:
628bef4a0cbd362f97efb308ef94d7592e9df804a55e18b193a9a104191c47cb

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
5/5/2024 2:50:24 PM UTC

Scan engine | Detection | Engine version
--- | --- | ---
AVG | SHeur4 | 2017.0.2537
Bitdefender | Trojan.Generic.8359993 | 1.0.20.1710
Dr.Web | Trojan.DownLoader7.3279 | 9.0.1.0342
F-Secure | Trojan.Generic.8359993 | 11.2016-07-12_4
G Data | Trojan.Generic.8359993 | 16.12.22
IKARUS anti.virus | Trojan-Banker.Win32.Banker | t3scan.1.3.5.0
K7 AntiVirus | Riskware | 13.158.8119
McAfee | Artemis!FEC908FEC246 | 5600.6193
MicroWorld eScan | Trojan.Generic.8359993 | 17.0.0.1026
NANO AntiVirus | Trojan.Win32.DownLoader7.zjtlk | 0.22.6.49175
nProtect | Trojan.Generic.8359993 | 13.01.16.01
Panda Antivirus | Suspicious file | 16.12.07.10
Trend Micro House Call | TROJ_FAKEALERT.BMH | 7.2.342
VIPRE Antivirus | Trojan.Win32.Generic | 15064

File size:
1.1 MB (1,182,706 bytes)

Product version:
2.0.0.0

Copyright:
Aleste Technology

Trademarks:
Aleste Technology

Original file name:
wwtask.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\wwtask.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
1/10/2011 10:00:00 PM

Valid to:
2/9/2012 9:59:59 PM

Subject:
CN=Aleste Participacoes e Empreendimentos Ltda, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Aleste Participacoes e Empreendimentos Ltda, L=Montenegro, S=Rio Grande do Sul, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3292939C8D34EA9E50962E166A22F4B2

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
B8, E4, 86, 82, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 13, 5F, AC, 93, F6, DA, 0E, 4A, 3E, 62, 1D, 64, 84, 49, A8, 0C, 99, B2, F5, 69, 35, D4, 52, AF, E7, 82, B9, EB, DF, 2D, 1B, DD, 5F, 55, ED, BE, 51, CB, BA, 79, 06, CE, B9, 06, C3, 57, 03, D8, 92, 66, 83, 3E, 63, CF, BF, AD, A3, E9, EF, F3, 52, AE, 0A, A5, DF, 59, 93, 9E, CE, E4, D8, D0, 15, 4F, 3E, 32, F6, F9, 2A, 83, D0, 95, A4, 50, B5, 67, D6, DD, 48, 2C, 15, 57, 27...

Packer / compiler:
PECompact v2

Code size:
3.7 MB (3,895,296 bytes)

Service
Display name:
Network Agent Driver Tz0

Service name:
NetworkAgent

Description:
Manages objects protocols in the Network and Dial-Up synchronizations

Type:
Win32OwnProcess, InteractiveProcess

Group:
Network
