WRLauncher.EXE

WRLauncher Application

Product:
WRLauncher Application

Description:
WRLauncher MFC Application

Version:
1, 0, 0, 1

MD5:
4a0a1c3736c5dbe665834d968f1eb3e3

SHA-1:
7e2f3cf34f785662dde7cef07183dd1997ecaf23

SHA-256:
ca0b4dfbc1de0131fe86dc1bb9f8762cd4a66819911e0809aba15178bca1495e

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/24/2024 4:46:22 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Heur.Advml.Gen!c
2.1.4+

Bkav FE
HW32.Packed
1.3.0.8455

Sophos
Mal/VMProtBad-A
4.98

File size:
1.2 MB (1,220,608 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2005

Original file name:
WRLauncher.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States d'America)

File PE Metadata
Compilation timestamp:
1/20/2010 8:18:53 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:sLXhjPdWfsYNjP6YeiHrIuN4XlLStKsec1Xfc//:sNrAPEiUrXhMKsBy

Entry address:
0x273F19

Entry point:
E9, 05, 34, F0, FF, D2, E8, B0, 2E, F6, C6, 0C, F2, AE, 68, 62, F0, B1, 79, 88, 3C, 24, E9, A4, 49, F0, FF, A7, AB, 5B, 2D, 17, 00, 23, 89, 22, 80, 35, 83, 2D, 9D, 2C, 86, 2A, 83, 37, 9F, 69, 19, 29, 72, 8F, 69, D3, 7C, CB, FD, 65, D6, 44, 44, EB, 5A, 76, 70, 89, 38, 34, 7E, 99, 37, 56, 5A, 98, 04, E4, 65, AB, 8A, 4F, C4, 80, 28, 06, 28, 65, CB, 82, B7, 22, 63, 40, 1A, A0, 13, 66, B5, 6E, AB, D7, A7, 2C, 91, F0, C0, C0, 63, E1, D1, EF, 3B, E7, 4F, 2E, 22, 3E, CE, BB, 4F, 4B, E8, EE, AD, AF, 04, DF, A5, E8...
 
[+]

Packer / compiler:
Xtreme-Protector v1.05

Code size:
228 KB (233,472 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP:
Connects to 22.206.25.185.servereasy.it  (185.25.206.22:5330)

TCP (HTTP):
Connects to full-cdn-01.cluster003.ovh.net  (213.186.33.85:80)

Scan WRLauncher.EXE - Powered by Reason Core Security