home

Doctorwisecollection.exe

prj_doctorwisecollection

BTS

The executable Doctorwisecollection.exe has been detected as malware by 3 anti-virus scanners.
Publisher:
BTS

Product:
prj_doctorwisecollection

Version:
1.00

MD5:
4b96a6f7978ec5ed7a891e6544d418b4

SHA-1:
b811e2abc849802c90dbf39bea6bd12cf9138c13

SHA-256:
2534185852da34c7c7788b2e07156713e57748dd144ff3242b69083a343ef1ad

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
5/7/2024 6:14:33 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Patched.Ren.Gen
3.6.1.96

avast!
Win32:WrongInf-F [Susp]
2014.9-150401

NANO AntiVirus
Virus.Win32.Virut-Gen.bwpxnc
0.30.8.659

File size:
1.4 MB (1,458,176 bytes)

Product version:
1.00

Original file name:
Doctorwisecollection.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\bts\hms\doctorwisecollection.exe

File PE Metadata
Compilation timestamp:
5/25/2055 11:40:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:jH8WlclK4TyIGPiN+3iN+cl2CNZ8bCLz:L8WGhTVNPNT2CNfz

Entry address:
0x14B0

Entry point:
68, CC, 1A, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 00, 00, 00, 00, 91, BB, B5, 65, 0E, 52, B5, 4F, A0, E4, 16, 0A, 19, A5, 11, 2B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 20, 20, 20, 20, 20, 20, 70, 72, 6A, 5F, 64, 6F, 63, 74, 6F, 72, 77, 69, 73, 65, 63, 6F, 6C, 6C, 65, 63, 74, 69, 6F, 6E, 00, 63, 74, 69, 6F, 6E, 20, 3A, 00, 00, 00, 00, FF, CC, 31, 00, 0F, 92, 7B, 65, CE, BC, 20, 9A, 43, A8, F7, B3, 54, 29, C2, 05, 65, A1, DE, C9, A2, 04, 71, 62, 44, 90, 17, 57...
 
[+]

Entropy:
0.2710

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
36 KB (36,864 bytes)

Remove Doctorwisecollection.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.