home

keygen.exe

The application keygen.exe has been detected as a potentially unwanted program by 13 anti-malware scanners.
MD5:
d28099ee1f525b8ef87430c8c2bf269d

SHA-1:
fc30f1af2f206a9a116bdc7cb80457544941a8fc

SHA-256:
7a662fd8e220b0d490cc0aaca60931399cc99dda7c46116f266d312d553618d1

Scanner detections:
13 / 68

Status:
Potentially unwanted

Analysis date:
4/20/2024 12:37:14 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/PECompact
7.1.1

AhnLab V3 Security
Trojan/Win32.Graybird
2014.06.18

AVG
Trojan horse Dropper.Generic8
2015.0.3342

Baidu Antivirus
Trojan.Win32.Agent
4.0.3.14923

Bkav FE
HW32.CDB
1.3.0.4959

Clam AntiVirus
Win.Trojan.Keygen-463
0.98/19086

ESET NOD32
Win32/Keygen.AI potentially unsafe application
8.7.0.302.0

K7 AntiVirus
Unwanted-Program
13.183.13463

Norman
Hacktool.A!genr
11.20140923

Sophos
Mal/KeyGen-M
4.98

Trend Micro House Call
TROJ_SPNR.08HS14
7.2.266

Trend Micro
TROJ_SPNR.08HS14
10.465.23

VIPRE Antivirus
Threat.45116
29708

File size:
215.5 KB (220,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\winrar\keygen.exe

File PE Metadata
Compilation timestamp:
5/6/2012 4:40:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:KMUIV12o+oc8sNFH7t+TeWZxyLdT0xXrs3wsQ:KM1Eoc8sj70Tzx6dT0xXg3

Entry address:
0x94CE

Entry point:
B8, E4, 78, 45, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 3A, 24, B0, 89, 10, 50, 99, C4, 36, 40, 54, 19, FC, 6A, 45, F0, BA, 0C, E1, 5E, 87, 0B, 14, F2, 0F, 00, 13, CA, DA, AC, 83, 63, 9F, 3B, 8A, 0B, B8, C9, 85, FB, 1F, BA, 4E, 53, DB, 72, 59, 80, 38, CA, 23, 78, 93, A0, 1A, EE, 6E, E9, 27, 72, 14, 70, C1, 24, 28, DD, 0A, 5D, A3, D6, 05, 85, 51, 28, 0D, DC, 70, E1, 35, 58, 8F, 85, 32, 97, 1A, F0, 06, 52, 0D, E4, E6, 58, 31...
 
[+]

Entropy:
7.9890

Packer / compiler:
PECompact v2

Code size:
83.5 KB (85,504 bytes)

Remove keygen.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.