We received the file INSTALLER_WHATSAPP_ENGLISH.EXE and detected that INSTALLER_WHATSAPP_ENGLISH.EXE is not good.
INSTALLER_WHATSAPP_ENGLISH.EXE is Adware. You should remove the file INSTALLER_WHATSAPP_ENGLISH.EXE.
Kill the process INSTALLER_WHATSAPP_ENGLISH.EXE and remove INSTALLER_WHATSAPP_ENGLISH.EXE from Windows.
Malware Analysis of INSTALLER_WHATSAPP_ENGLISH.EXE
Full path on a computer: %Temp%\installer_whatsapp_English.exe
Detected by UnHackMe:
INSTALLER_WHATSAPP_ENGLISH.EXE
Default location: %Temp%\installer_whatsapp_English.exe
Removal Results: Success
Number of reboots: 1
INSTALLER_WHATSAPP_ENGLISH.EXE is known as:
Adware.InstallCore.A.1279, Trojan.Falsesign.Htwf, Win32.Trojan.Adware.37e
INSTALLER_WHATSAPP_ENGLISH.EXE hash:
- MD5: 2e7591a44b934b069d5fe6d4a0e215fe
The file tries to connect to a dangerous web site.
How to quickly detect the presence of INSTALLER_WHATSAPP_ENGLISH.EXE?
Folders:
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\audio
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\_metadata
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\_platform_specific
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\_platform_specific\x86-32_
Files:
- %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_000094
- %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\000034.log
- %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000033
- %Local Appdata%\Google\Chrome\User Data\Default\Extension State\000021.ldb
- %Local Appdata%\Google\Chrome\User Data\Default\Extension State\000022.log
- %Local Appdata%\Google\Chrome\User Data\Default\Extension State\MANIFEST-000020
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\audio\1_short_Open_16_16.wav
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\audio-input-compiled.js
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\audio-manager-compiled.js
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\audio_input.html
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\background.html
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\content-bundle-compiled.js
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\hotword_.nmf
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\hotword_de.nmf
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\hotword_en-gb.nmf
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\hotword_fr.nmf
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\hotword_ru.nmf
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\error.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\hotword.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\icon-128.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\icon-16.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\icon-48.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\mic-hotword.gif
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\mic-normal.gif
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\off.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\images\speech.png
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\manifest.json
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\options-compiled.js
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\options.css
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\options.html
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\_metadata\verified_contents.json
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\_platform_specific\x86-32_\hotword-x86-32.nexe
- %Local Appdata%\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\_platform_specific\x86-32_\hotword.data
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\000009.log
- %Local Appdata%\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh\MANIFEST-000007
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\000044.ldb
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\000045.log
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000043
- %Temp%\installer_whatsapp_English.exe
- %Personal%\Downloads\228656-672567-whatsapp.apk