020rzord15pp76yn.exe

WZT

The application 020rzord15pp76yn.exe by WZT has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
WZT  (signed and verified)

MD5:
75c244c5fcc63a0674ce6500c5c099e2

SHA-1:
686ec3559b6c4825beab084fe8e0a05faa48f406

SHA-256:
dc37372c51b864d68a4c4925a53c2ca338e68c8477455271573afe24e8bf96af

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 6:19:37 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MSFree.WZT (M)
17.3.4.16

File size:
8.4 MB (8,840,824 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\020rzord15pp76yn.exe

Digital Signature
Signed by:

Authority:
WZT

Valid from:
11/8/2015 9:15:49 AM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=WZT

Issuer:
CN=WZT

Serial number:
08A8E826950F1A9940262589FCAF0B8F

File PE Metadata
Compilation timestamp:
12/14/2015 10:54:34 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

Entry address:
0x1000

Entry point:
68, 6C, 07, 00, 00, 68, 00, 00, 00, 00, 68, E0, E8, C5, 00, E8, D0, 01, 02, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, C9, 01, 02, 00, A3, E4, E8, C5, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, B6, 01, 02, 00, A3, E0, E8, C5, 00, B8, BC, C3, 4C, 00, A3, 7C, E9, C5, 00, E8, 42, 07, 07, 00, E8, ED, F9, 06, 00, E8, 63, DF, 06, 00, E8, DB, D1, 06, 00, E8, 1F, C5, 06, 00, E8, 32, C2, 06, 00, E8, C8, BF, 06, 00, E8, FD, A4, 06, 00, E8, EC, 9F, 06, 00, E8, 75, 8D, 06, 00, E8, B4, 80, 06, 00...
 
[+]

Packer / compiler:
PKLITE32, 0x1.1

Code size:
659.5 KB (675,328 bytes)

Remove 020rzord15pp76yn.exe - Powered by Reason Core Security