» {masr7.masr.ep10.mazika2d_10924_i92897630_il345.exe
Overview
Analysis
File Details

{masr7.masr.ep10.mazika2d_10924_i92897630_il345.exe

WinAce

LLC Arctic West

The executable {masr7.masr.ep10.mazika2d_10924_i92897630_il345.exe, “http://www.winace.com” has been detected as malware by 1 anti-virus scanner.

File name:

Publisher:

e-merge GmbH (signed by LLC Arctic West)

Product:

WinAce

Description:

http://www.winace.com

Version:

2.69.0.0

MD5:

e43dcca7fc4dc11fcfd12d6788a0fe62

SHA-1:

97565506217d00aaf11649e87a5cf989ecd12864

SHA-256:

d28aa093623da30b98cd1bfac83b7345c4b57e5fa8fccdda6fff1a4248446b19

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

11/15/2024 4:43:27 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP (M)

17.1.1.0

File size:

2.5 MB (2,631,200 bytes)

Product version:

02.69.00.00

1997-2007 ACE Compression Software & e-merge GmbH

Trademarks:

1997-2007 ACE Compression Software & e-merge GmbH

File type:

Executable application (Win32 EXE)

Language:

German (Germany)

Digital Signature

Signed by:

LLC Arctic West

Authority:

COMODO CA Limited

Valid from:

8/24/2015 5:00:00 PM

Valid to:

8/24/2016 4:59:59 PM

Subject:

CN=LLC Arctic West, O=LLC Arctic West, STREET=Lviv highway 1, L=Mikolaiv, S=Lvovskaja, PostalCode=81600, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

416057CF015B4832DC973BA203AAB312

File PE Metadata

Compilation timestamp:

11/30/2015 2:42:48 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x34ECEF

Entry point:

68, AB, 0B, EB, 16, E8, A6, 9C, FB, FF, D1, 7D, 19, 7C, 8B, 81, 33, 1B, 7C, 55, BF, 9E, FB, 83, 37, 9D, FB, 1A, 7C, 94, 16, D7, 1B, 7C, 63, 93, 38, 1A, 7C, 0F, 1B, F5, 1B, 7C, 46, 76, 7B, E4, 83, AD, 0F, F3, 1A, 7C, 12, E6, F5, 04, 7C, CF, 71, 09, E6, 83, 6A, 12, AC, FB, 83, 04, CF, 9B, F8, C1, 70, 69, 7C, E3, BD, FA, 6B, 7C, 4F, 5F, 8D, 8B, 83, 30, E6, E5, 69, 7C, D5, 17, 67, 74, 7C, AD, 7C, 13, B3, 95, 83, EF, C7, E7, 95, 83, 77, 3B, 95, 83, 0D, 39, 65, 14, 8B, 83, 72, B0, 08, 12, 6B, 7C, 03, BE, 95, 83... 
[+]

Entropy:

7.9786 (probably packed)

Code size:

2.5 MB (2,599,424 bytes)

Remove {masr7.masr.ep10.mazika2d_10924_i92897630_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.