WinProductKey.exe

Windows Activation Key Viewer

Ultimate Systems

The executable WinProductKey.exe has been detected as malware by 4 anti-virus scanners.
Publisher:
Ultimate Systems  (signed and verified)

Product:
Windows Activation Key Viewer

Description:
WinProductKey

Version:
1.1.0.1

MD5:
aee05924b52a157c578c51ba4813748c

SHA-1:
854d8a3a56e194aa064860fa1350968d91c1cb45

SHA-256:
dd6d3d57ff148839b514cffe6ef27f757fb595051213c4229423eff6796f999a

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/6/2024 2:09:24 AM UTC

Scan engine | Detection | Engine version
Emsisoft Anti-Malware | Win32.Floxif | 11.5.0.6191
ESET NOD32 | Win32/Floxif.H virus | 8.0.319.0
Norman | Win32.Floxif.A | 19.05.2016 01:04:49
VIPRE Antivirus | Threat.4760052 | 50516

File size:
3.3 MB (3,499,535 bytes)

Product version:
1.1.0.1

Copyright:
Ultimate Systems. All rights reserved.

Original file name:
WinProductKey.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\winproductkey\winproductkey.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/11/2015 12:00:00 AM

Valid to:
2/11/2016 11:59:59 PM

Subject:
CN=Ultimate Systems, O=Ultimate Systems, STREET="Intr. Ioan Vasii, Bl. C8, Ap.4", L=Timisoara, S=Timis, PostalCode=300133, C=RO

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
11EB064F748B3729B48E31B2FF88D458

File PE Metadata
Compilation timestamp:
9/8/2015 2:12:31 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:JUliCnZHBRn/B8TS/QsTwuTuzS2XhFLOAkGkzdnEVomFHKnPq+:JUvDeiuzS2RFLOyomFHKnPq+

Entry address:
0x12B776

Entry point:
E9, 5B, 79, F4, FF, E9, 7F, FE, FF, FF, 3B, 0D, B0, 71, 5A, 00, 75, 02, F3, C3, E9, 3D, 00, 00, 00, 55, 8B, EC, FF, 15, 00, 43, 55, 00, 6A, 01, A3, BC, 1F, 5B, 00, E8, 78, 79, 00, 00, FF, 75, 08, E8, 0D, 79, 00, 00, 83, 3D, BC, 1F, 5B, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 5E, 79, 00, 00, 59, 68, 09, 04, 00, C0, E8, DB, 78, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, D0, 80, 01, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, A0, 1D, 5B, 00, 89, 0D, 9C, 1D, 5B, 00, 89, 15, 98, 1D, 5B, 00...

Entropy:
7.1216

Packer / compiler:
Xtreme-Protector v1.05

Code size:
1.3 MB (1,384,960 bytes)
