dwbreader.exe

DNAML PTY LTD

The application dwbreader.exe by DNAML PTY has been detected as a potentially unwanted program by 14 anti-malware scanners.
Publisher:
DNAML PTY LTD  (signed and verified)

MD5:
19ed3221387afb952d099cc1b57d9449

SHA-1:
1be9ce5b6dd563ce883f03c14519d09c6e7d58e4

Scanner detections:
14 / 68

Status:
Potentially unwanted

Analysis date:
4/29/2024 12:39:24 AM UTC

Scan engine               Detection                    Engine version
Agnitum Outpost           Adware.Agent                 7.1.1
Avira AntiVirus           Adware/Agent.MCARLOM.2       7.11.127.82
Comodo Security           UnclassifiedMalware          17683
Dr.Web                    Trojan.MulDrop1.40139        9.0.1.027
F-Prot                    W32/MalwareF.MDNZ            v6.4.7.1.166
K7 AntiVirus              Riskware                     13.175.10972
Malwarebytes              Adware.Agent                 v2016.01.27.11
McAfee                    Artemis!19ED3221387A         5600.6508
NANO AntiVirus            Trojan.Win32.Agent2.hrfah    0.28.0.57380
Panda Antivirus           Generic Trojan               16.01.27.11
Sophos                    Digital River                4.97
Trend Micro House Call    Suspicious                   7.2.27
Trend Micro               Suspicious                   10.465.27
Vba32 AntiVirus           BScope.Trojan-Spy.Zbot       3.12.24.3

File size:
1.2 MB (1,238,728 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Desktopauthor v4.5.7\dwbreader.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
10/11/2004 1:29:30 PM

Valid to:
10/8/2005 3:51:16 PM

Subject:
L=Sydney, S=NSW, C=AU, OU=Secure Application Development, O=DNAML PTY LTD, CN=DNAML PTY LTD

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3EAE0F

File PE Metadata
Compilation timestamp:
9/23/2005 9:47:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:umkf2QQe1EpzpFhsfmdi0Dmlz6lewAUYIfoKvPx6eNfn:FQt0z3hs+g2qGIl076y

Entry address:
0x3C1BC0

Entry point:
60, BE, 00, 60, 69, 00, 8D, BE, 00, B0, D6, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11...
 
Entropy:
7.8455

Packer / compiler:
UPX 2.90LZMA

Code size:
1.2 MB (1,228,800 bytes)
