» youwave android.exe
Overview
Analysis
File Details
Network (3)

youwave android.exe

YouWave Inc.

File name:

youwave android.exe

Publisher:

YouWave Inc. (signed and verified)

MD5:

20edb91de764f0936f65f9d395d907c3

SHA-1:

cabb01c75e8a016183a21037c88d64bf82af9565

SHA-256:

b78067de441fdd8af5503e6d71012576bdf7abc08c2cd51fcadf2b0cd81cb8d4

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/16/2024 12:51:00 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAutoB

1.3.0.4613

Trend Micro House Call

TROJ_GEN.F47V1010

7.2.32

File size:

1.5 MB (1,553,304 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\youwave android\youwave android.exe

Digital Signature

Signed by:

YouWave Inc.

Authority:

GlobalSign nv-sa

Subject:

CN=YouWave Inc., O=YouWave Inc., S=California, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F46A4923EAE1C5CA24D3C6CF87F1D5A3

File PE Metadata

Compilation timestamp:

8/1/2013 2:40:35 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.21

CTPH (ssdeep):

24576:RO/mljnm/pLppTFZU7Y40sXKKFge5S9F8CUz6fLjva9WF5:RO/mx2pLppTMEfs9aTu9WD

Entry address:

0x1140

Entry point:

55, 89, E5, 83, EC, 18, C7, 04, 24, 02, 00, 00, 00, FF, 15, 60, 7B, 4F, 00, E8, C8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 18, C7, 04, 24, 01, 00, 00, 00, FF, 15, 60, 7B, 4F, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 53, 83, EC, 14, 8B, 45, 08, 8B, 00, 8B, 00, 3D, 91, 00, 00, C0, 77, 3B, 3D, 8D, 00, 00, C0, 72, 4B, BB, 01, 00, 00, 00, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 08, 00, 00, 00, E8, 63, 2E, 04, 00, 83, F8, 01, 0F, 84, FF, 00, 00, 00, 85, C0... 
[+]

Entropy:

6.2430

Code size:

278.5 KB (285,184 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to mrs02s05-in-f0.1e100.net (173.194.35.96:80)

TCP (HTTP):

Connects to ip-50-63-100-205.ip.secureserver.net (50.63.100.205:80)

TCP (HTTP):

Connects to ip-50-62-114-2.ip.secureserver.net (50.62.114.2:80)

Scan youwave android.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.