home

RuckZuck.exe

RuckZuck

Roger Zander

Publisher:
Zander Tools  (signed by Roger Zander)

Product:
RuckZuck

Version:
1.5.1.2

MD5:
123837a0cb5e883dffec1f67636d4c83

SHA-1:
311d5c27ebbd3a0fbd013d3780ddc3dcc4899782

SHA-256:
b2d70a4cf1f09fccdabbf2886cb0d7984c087d2197d410423c0cfb8db5789a7d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 6:22:07 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Packed.Confuser.J suspicious application
8.0.319.0

File size:
190.5 KB (195,112 bytes)

Product version:
1.5.1.2

Copyright:
Copyright © 2016 by Roger Zander

Original file name:
RuckZuck.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ruckzuck.exe

Digital Signature
Signed by:
Roger Zander

Authority:
StartCom Ltd.

Valid from:
3/12/2016 1:36:20 AM

Valid to:
3/12/2018 2:36:20 AM

Subject:
CN=Roger Zander, O=Roger Zander, L=Kollbrunn, S=Zurich, C=CH

Issuer:
CN=StartCom Class 2 Object CA, OU=StartCom Certification Authority, O=StartCom Ltd., C=IL

Serial number:
6CE4CF3DC449E4F0F58B5B76E48D4580

File PE Metadata
Compilation timestamp:
7/10/2016 5:11:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:kdIPQ2EHfZl0qQca0eZKpDTvkgJJGS0/VGtTF9724Cg0GSsUw6kvIQ9cZxfmYw2:kdVlNQcavKS23T779CgfzIQaZxuYj

Entry address:
0x2C76E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.8327

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
170 KB (174,080 bytes)

Scan RuckZuck.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.