home

r8.exe

r8

WebDevAZ Inc

The application r8.exe by WebDevAZ Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Windows-7-Themes.com  (signed by WebDevAZ Inc)

Product:
r8

Version:
1.0.0

MD5:
a6a3d141db09bb0d3b26a0d592fcf78b

SHA-1:
7c9ffdfa1b0e912e9f82f94b3bff893d53798d86

SHA-256:
8c6d606f826db6d26c8146ade025d6227f561b898774a6a4a61568abcc033691

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
5/3/2024 8:47:56 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.29.5

File size:
3.5 MB (3,674,584 bytes)

Product version:
1.0.0

Copyright:
Copyright (C) Windows-7-Themes.com

Original file name:
r8.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ghiuni\themes\r8.exe

Digital Signature
Signed by:
WebDevAZ Inc

Authority:
GlobalSign nv-sa

Valid from:
12/7/2010 6:18:58 PM

Valid to:
12/8/2011 6:18:53 PM

Subject:
E=support@webdevaz.com, CN=WebDevAZ Inc, O=WebDevAZ Inc, L=Arizona, S=AZ, C=US

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012CC20963A5

File PE Metadata
Compilation timestamp:
6/17/2010 10:17:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x85930

Entry point:
E8, E2, A9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 57, FF, 75, 08, 8D, 4D, E8, E8, 8B, F5, FF, FF, 8B, 45, 10, 8B, 7D, 0C, 33, DB, 3B, C3, 74, 02, 89, 38, 3B, FB, 75, 2B, E8, EC, 36, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 17, D2, FF, FF, 83, C4, 14, 38, 5D, F4, 74, 07, 8B, 45, F0, 83, 60, 70, FD, 33, C0, E9, A4, 01, 00, 00, 39, 5D, 14, 74, 0C, 83, 7D, 14, 02, 7C, CA, 83, 7D, 14, 24, 7F, C4, 56, 0F, B7, 37, 89, 5D, FC, 83, C7, 02, EB, 05, 0F, B7, 37, 47, 47, 8D, 45...
 
[+]

Code size:
688.5 KB (705,024 bytes)

Remove r8.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.