home

reportwizard.exe

Atom Security OOO

The application reportwizard.exe by Atom Security OOO has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Atom Security OOO  (signed and verified)

MD5:
a3ad6be79961ab16b2b4f5bb44b1e433

SHA-1:
61e23486333b95a99a7936a55df83ded1ae648ac

SHA-256:
f9ee20cd7876d23afb3c192ca80a6976563e8d3a7cf7d060afe9f90b8e653a07

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 10:30:37 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.AtomSecurity
16.2.10.22

File size:
1.9 MB (1,971,160 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\staffcop\reportwizard.exe

Digital Signature
Signed by:
Atom Security OOO

Authority:
COMODO CA Limited

Valid from:
6/24/2013 2:00:00 AM

Valid to:
6/25/2014 1:59:59 AM

Subject:
CN=Atom Security OOO, OU=development, O=Atom Security OOO, STREET="Academician Koptyuga Prospect, 4,office 158", L=Novosibirsk, S=nso, PostalCode=630090, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
717783EFCF5E8A80B86D166EFF5E6862

File PE Metadata
Compilation timestamp:
8/27/2013 10:56:03 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:amQtkjNjAwNmHsN3MWzp5xxNOoqmQDr67jTRj:nNjNkwQsX5xxNnqBr4j

Entry address:
0x127ED2

Entry point:
E8, 1F, 46, 01, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, 83, 3D, A4, 70, 5E, 00, 00, 0F, 84, 82, 00, 00, 00, 83, EC, 08, 0F, AE, 5C, 24, 04, 8B, 44, 24, 04, 25, 80, 7F, 00, 00, 3D, 80, 1F, 00, 00, 75, 0F, D9, 3C, 24, 66, 8B, 04, 24, 66, 83, E0, 7F, 66, 83, F8, 7F, 8D, 64, 24, 08, 75, 55, E9, 99, 46, 01, 00, 90, 83, 3D, A4, 70, 5E, 00, 00, 74, 32, 83, EC, 08, 0F, AE, 5C, 24, 04, 8B, 44, 24, 04, 25, 80, 7F, 00, 00, 3D, 80, 1F, 00, 00, 75, 0F, D9, 3C, 24, 66, 8B, 04, 24, 66, 83, E0, 7F, 66, 83, F8, 7F, 8D, 64...
 
[+]

Code size:
1.4 MB (1,509,888 bytes)

Remove reportwizard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.