Risk analysis for WWanHC.dll MD5:977879e20523439b806f7c416ac422fa - Threat analysis: Safe

File extenstion shows this is a dll file.

Analysis MD5: 977879e20523439b806f7c416ac422fa

Analysis of the file classifies it as a class A (Safe). The file is safe to use. The trust index of this analysis is 73 % (high).

D+

D-

E+

E-

Description

WWanHC.dll is part of WWanHC plugin developed by Microsoft Corporation. This file is an important and required part of the Windows Operating system

Filename:	WWanHC.dll (WWanHC plugin)
Threat analysis:	Safe
Analysis trust:	73%
Recent activity:
First seen:	02 Dec, 2014
Last seen:	14 Feb, 2017
Last analysis:	21 Mar, 2019
Possible infection:	Clean

WWanHC.dll WWanHC plugin

Application:	Besturingssysteem Microsoft� Windows�
Developer:	Microsoft Corporation
Stability:	75%
File version:	8.1.9600.17415
File size:	74240 bytes (73 KB.)
Recent activity:
Historic activity:
CRC32 hash:	4228879813
MD5 hash:	977879e20523439b806f7c416ac422fa
SHA1 hash:	828e02606a1feb1240be9de256d0a8255b68a63c
SHA256 hash:	03a6ef993d291673cbcbcaab519d762e24ebf6db993957d4c03bc4b6d424c115

Signature verification

Unsigned

This file has no digital signature. The publisher of this file could not be verified.

Publisher	Microsoft Corporation
Product	Microsoft� Windows� Operating System
Description	Wireless WAN Helper Class
Signingdate	0000-00-00 00:00:00

D+

File entropy

File entropy match: Encrypted

Parts of this file are encrypted. The reasons might be benign but it makes the analysis more difficult.

| 0 b.74240 b. |

Plain Data Text Code Compressed Encrypted Random

File signature

Dynamic Link Library

Dynamic-link library, or DLL, is Microsoft's implementation of the shared library concept in the Microsoft Windows and OS/2 operating systems.

The determination of a file type is done with a signature or magic-numbers. Files are identified using by comparing the first set of bytes in the file header. Using this method type of files are recognised no matter the extension used. This information is useful to for example recognise executable files cloaked as images or movies.

Malicious code scan

No malicious code found

Agics makes een analysis of the source code of the file. We look for comparisons with known malicious source code. This is a good way to detect new malicious files which are in fact variations of existing, and known malicious files.

Scan results:

0 %

Fuzzy hash a.k.a. Context Triggered Piecewise Hashing

SSDEEP

Context Triggered Piecewise Hashing, also called Fuzzy Hashing, can match inputs that have homologies. Such inputs have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both content and length. Comparing a fuzzyhash is a good way to detect morphing malware. Malware which include random code in every copy to change its properties. Agics uses ssdeep to make create a fuzzyhash.

SSDEEP: 768:4bd5yhRB7p/vBG7ND6tTBAMRV/d8GU2PQAz4ka5ChaPGv07R8h3Gn4G/XeDQO2jD:45Io2Py7uEu/UskQiM7FA9ApfU

No match found

Online virus scanners

Detection ration:

0 %

VirusShare.com

Not available on virusshare.com

VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code. Presence of the sample on this site indicates that the file is (Once considered) being malicious.
Website: virusshare.com

National Software Reference Library

Not on the nsrl list

The NSRL contains a collection of digital signatures of known, traceable software applications. There are application hash values in the hash set which may be considered malicious, i.e. steganography tools and hacking scripts.
Website: www.nsrl.nist.gov

Statistic analysis

Statistic analysis of the file

	Similar to other files with the same name
	No certificate
	Other files with the same name do not have a certificate as well
	This is a very common file

Neural network analysis

Analysis: Low risk

A neural network is a type of artificial intelligence. It recognized patterns nog clear for a human viewer. Our neural network is surprisingly accurate in recognizing dangerous files. The value below is the predicted chance the file is malicious.

9 %

User feedback

Read feedback on this file from other users. Help other users by providing feedback yourself.

You can earn reputation points !

You are currently not logged in. Login, or Create an account

Feedback users:

There has been no user feedback provided yet.

You are not logged in. Only registered users can provide feedback. Login and help other users.

Login Create an account