pic+lcd+tutorial+asm_10924_i87537067_il345.exe

WinAce

KASHTAN OOO

The executable pic+lcd+tutorial+asm_10924_i87537067_il345.exe, “http://www.winace.com”, has been detected as malware by 1 anti-virus scanner.
Publisher:
e-merge GmbH  (signed by KASHTAN OOO)

Product:
WinAce

Description:
http://www.winace.com

Version:
2.69.0.0

MD5:
40c0f411aa5c8628e85c4231f90e04c3

SHA-1:
cdebe82a005f4b668fc4c323cd887cc2beb5c7bf

SHA-256:
c987642204f1c2c211179648b79fcb930b54e322d52852d88249829de77d7469

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/15/2024 11:17:25 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.25.19

File size:
3.5 MB (3,704,208 bytes)

Product version:
02.69.00.00

Copyright:
1997-2007 ACE Compression Software & e-merge GmbH

Trademarks:
1997-2007 ACE Compression Software & e-merge GmbH

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\users\{user}\downloads\pic+lcd+tutorial+asm_10924_i87537067_il345.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/5/2015 2:00:00 AM

Valid to:
5/22/2016 1:59:59 AM

Subject:
CN=KASHTAN OOO, O=KASHTAN OOO, L=Naberezhnye Chelny, S=Tatarstan republic, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
468BE39F7FCABE2D4D2D070862DD916B

File PE Metadata
Compilation timestamp:
11/20/2015 6:42:49 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x35439C

Entry point:
68, A0, 20, 1F, 11, E8, E6, BF, FF, FF, F6, C6, 2F, C1, E9, 0B, 66, 3B, DC, 0F, AF, CF, 85, E2, F5, 3B, F1, 0F, 83, 85, A3, 01, 00, 8B, D1, E9, 62, 53, 01, 00, 00, 00, 4F, 70, 65, 6E, 53, 65, 72, 76, 69, 63, 65, 57, 00, 8A, C2, 0A, AC, C2, 23, 86, B3, 1A, 9D, AE, DD, 37, CF, 55, 05, F0, 38, EB, 42, 32, 1F, 92, AB, 8D, 0C, 1F, 8D, 56, 5C, 3B, D9, E9, BC, 89, 01, 00, 1B, C9, 66, 85, F3, F5, 23, 4D, DC, F5, 66, 85, F3, 01, 5D, F0, 2B, 4D, E8, 2B, D3, 03, CF, E9, 60, 32, 01, 00, FF, D0, 5F, 66, 8B, F0, F7, D6...
 

Entropy:
7.6290

Code size:
3.1 MB (3,210,752 bytes)