GridinSoft Threat Intelligence
NETwtw04.sys threat report
GridinSoft Anti-Malware detection
Detected by GridinSoft before you download
The current ThreatInfo record shows this exact file hash detected as Trojan.Generic. Download GridinSoft Anti-Malware to scan the device, confirm whether this file is present, and remove the detected object if it is found.
- Detection name
- Trojan.Generic
- Recommended action
- Scan and remove
- Last analysis
- 2024-09-16 23:07:55 (2 years ago)
- File hash
- 264c5c0db5c707e00fb45f833187afac
Why it matters
Why GridinSoft flags this file
GridinSoft identifies the sample as Trojan.Generic, part of the Trojan threat category.
Malware disguised as legitimate software or delivered through deceptive packaging. Related Trojan reports help compare this file with nearby detections, publishers, and hashes.
First seen 2024-09-16 23:07:55 (2 years ago); latest analysis 2024-09-16 23:07:55 (2 years ago).
Company metadata: Intel Corporation. Product metadata: Intel® Wireless WiFi Link Adapter.
ThreatInfo has seen this file in user or system paths listed below. Unexpected locations increase the need for local verification.
Recommended action
What to do next
- Compare the MD5 above with the file found on the device.
- Check whether the file appears in the observed locations or under one of the alternate names.
- Run GridinSoft Anti-Malware to confirm the detection and remove the file if it is present. Review the Trojan category for related samples and common context.
File context
NETwtw04.sys is a Windows file recorded in the ThreatInfo database. It is associated with Intel® Wireless WiFi Link Adapter. The reported company name is Intel Corporation. The current detection status is Trojan.Generic, based on the latest analysis from 2024-09-16 23:07:55 (2 years ago). ThreatInfo groups this verdict with Trojan reports for broader family-level investigation.
If NETwtw04.sys appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as Trojan.Generic.
File Details
| Product Name: | Intel® Wireless WiFi Link Adapter |
| Company Name: | Intel Corporation |
| MD5: | 264c5c0db5c707e00fb45f833187afac |
| Size: | 8 MB |
| First Published: | 2024-09-16 23:07:55 (2 years ago) |
| Latest Published: | 2024-09-16 23:07:55 (2 years ago) |
| Status: | Trojan.Generic (on last analysis) | |
| Analysis Date: | 2024-09-16 23:07:55 (2 years ago) |
Detection screenshot
The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.
Common Places:
| %programfiles%\intel\wifidrivers |
ThreatInfo has observed NETwtw04.sys in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.
Geographic signal
Observed country distribution
ThreatInfo has seen NETwtw04.sys across 1 countries. Use this signal to compare local evidence with where the sample is most often reported.
The strongest geographic signal for this file is Belgium with 100.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.
OS Version:
The most common operating system signal for NETwtw04.sys is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.
Analysis
NETwtw04.sys is identified as pe for 64-bit systems. The subsystem is Native. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.
PE Sections:
Section layout highlights raw-size concentration, repeated names, packer markers, and hashes that can be compared across related samples.
515f5d130964c97916402ffee10fc2f5
69d84ea54fe6e6e7b7859dc404419920
03a800a4868443657cd0d3fb06548c08
247064d953b8d7b7b138791b76bf8496
c01145752cb3a15c57008a7462e907c8
f5235460fc6fdabb3132bb46aa31e704
d19362e628a55748ee8aece29e0b7735
a13155889bba50ba68147739d01925a6
d35fdc423537619ba1cbeb7c2fda777e
87fb47c2db92ff68342add9b4ab42362
adad54a2c7be2d658c0e75ad3c791b39
37649d88515282a42a440bc2634f0ba6
4704ef052ac10cf85e8e11c5763ac141
32920938f0249e18e0ef20f1b72102c3
674b9433cbf94820b11aed54b1e5e5ed
8371aefb84bb1ef683d79ebff619d817
76eb86a47f2cc2edf04a5b0c7440e46e
3dad592b368a6baccc7fb0050bea3e3d
bf619eac0cdf3f68d496ea9344137e8b
efaf5a82d422d2d02c279547556438f1
b0932534d09f20ced9dd2b4fa7496a4e
66cbcd8755acf87f0417d72303826785
e46f6ad80de4991f1cee15436273e8ad
ddad026b82b6cac7f0860b4bdb131b35
02ec54f5a2ee434d0f150a5467cd359a
9571ccc80958cf7f8f060bd2961a44d6
44682c22c11cb309260df2be68649892
94ff772c3c2d244c6bb63d3341bb09c9
dddcc03e2b592ffd37f7ac3ccb835596
17e326f3da991ea49b52a79fda92b3ef
b2d1236c286a3c0704224fe4105eca49
9db50833aeef3e9576a5df804262f6ce
7a0ca471713d7db3c36ceab3363d1093
b0049540494541559bbca867af67f216
PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.
Report conclusion
GridinSoft detects this file as Trojan.Generic
This report identifies NETwtw04.sys by MD5 264c5c0db5c707e00fb45f833187afac. It is part of the Trojan report group. If the same file is present on your device, scan the system and remove the detected object after confirming the hash and location.