home

demorash.exe

The executable demorash.exe, “Road Rash for Windows 95 Executable” has been detected as malware by 7 anti-virus scanners.
Description:
Road Rash for Windows 95 Executable

Version:
1.0A

MD5:
a61a337de8fa72b9d05e83e83017fc6d

SHA-1:
bdac2a4b7e514f73a9f277f59ea8e0b727f404f2

SHA-256:
fbf8f44cddefe8deefce5b94e79fef3d67942e9c4b1eb0f9954edbd9f2ed8ca5

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/26/2024 2:56:08 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Patched.Gen
7.11.30.172

avast!
Win32:Virut-AGQ
150602-1

AVG
Generic35
2016.0.3061

Bkav FE
W32.HfsAutoA
1.3.0.6979

F-Prot
W32/Virut.AI!Generic
4.6.5.141

NANO AntiVirus
Virus.Win32.Virut-Gen.bwpxnc
0.30.24.2320

Vba32 AntiVirus
Trojan.Cosmu
3.12.26.4

File size:
513.5 KB (525,824 bytes)

Copyright:
Copyright © 1996 Electronic Arts, Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
10/22/1996 5:14:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
12288:+hBzJ2MXwSfXhqAPzBmvTtsXMfYtWe+/s5aF:AjfxLPzQBsXMfYse88w

Entry address:
0x526B0

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, E0, B6, 45, 00, 68, D8, 63, 45, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 60, 53, 56, 57, 89, 65, E8, FF, 15, 40, A6, 4B, 00, A3, 94, E7, 46, 00, 33, C0, A0, 95, E7, 46, 00, A3, A0, E7, 46, 00, A1, 94, E7, 46, 00, C1, 2D, 94, E7, 46, 00, 10, 25, FF, 00, 00, 00, A3, 9C, E7, 46, 00, C1, E0, 08, 03, 05, A0, E7, 46, 00, A3, 98, E7, 46, 00, E8, 6A, 01, 00, 00, E8, F5, 02, 00, 00, 85, C0, 75, 0A, 6A, 10, E8, 2A, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00...
 
[+]

Entropy:
6.5585

Developed / compiled with:
Microsoft Visual C++ v4.2

Code size:
360 KB (368,640 bytes)

Remove demorash.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.