home

UnlockRoot.exe

UnlockRoot

广州市海珠区维思计算机网络服务部

The executable UnlockRoot.exe has been detected as malware by 6 anti-virus scanners.
Publisher:
广州市海珠区维思计算机网络服务部  (signed and verified)

Product:
UnlockRoot

Version:
2, 2, 0, 0

MD5:
572e7a8f3e35bb1347cdf31f6dde94eb

SHA-1:
05ae54d9dfb2a468ba40889bdd8ebb5314231a1d

SHA-256:
d5e1b04c762342e7364aa6d659df3bd3be5be1cc6357e9c49931ed03ccd896a1

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
5/14/2025 11:16:36 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
17267

ESET NOD32
Win32/UnlockRoot
8.9045

McAfee
Artemis!572E7A8F3E35
5600.7023

Sophos
Sus/UnkPacker
4.73 TP

Trend Micro House Call
TROJ_GEN.F47V0910
7.2.241

Vba32 AntiVirus
BScope.Trojan.Waledac
3.12.24.3

File size:
2.3 MB (2,397,488 bytes)

Product version:
2, 2, 0, 0

Copyright:
Copyright 2011-2012 Anshouj.com

Original file name:
UnlockRoot.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\unlockroot\unlockroot.exe

Digital Signature
Signed by:
广州市海珠区维思计算机网络服务部

Authority:
WoSign, Inc.

Valid from:
11/2/2010 2:00:00 AM

Valid to:
11/2/2012 1:59:59 AM

Subject:
CN=GuangZhou HaiZhu District WeiSi Computer Network Services, OU=WoSign Class 3 Code Signing, O=广州市海珠区维思计算机网络服务部, L=GuangZhou, S=GuangDong, C=CN

Issuer:
CN=WoSign Code Signing Authority, O="WoSign, Inc.", C=US

Serial number:
351BE252AD6CBD0ECC0011B8C39EA3BB

File PE Metadata
Compilation timestamp:
4/1/2006 1:05:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:axN4SB1msvbnR+V/unnhAHY0rBg/OGR9ye17TlrpBOQvncxtMq4wJ:HS1XMtunpIg/N17NpJ/c0dwJ

Entry address:
0xE97F0

Entry point:
E8, 1B, 00, 00, 00, 56, 50, 72, 6F, 74, 65, 63, 74, 20, 55, 6C, 74, 69, 6D, 61, 74, 65, 20, 76, 32, 2E, 31, 2E, 30, 2E, 30, 00, 8D, 64, 24, 04, E8, C6, F9, 02, 00, 5E, 66, 1C, 26, 44, 82, 30, 1D, 16, 84, 66, E3, 5D, 41, 70, 05, 47, 53, 77, 82, 26, 71, 44, D3, 4D, 73, 6A, 6A, 33, 64, 5A, 2F, 04, 5E, 31, B6, 0D, FC, 55, 40, 2F, A8, 6A, D0, 2F, 11, 03, D7, 09, 86, 3E, 41, 01, 13, 36, EA, 3E, 8E, 64, C7, 44, F1, 1F, 45, 68, BD, 36, A8, 2C, 39, 19, 7C, 65, BE, 75, 47, 09, 80, 28, 24, 1F, 69, 22, F5, 45, 04, 48...
 
[+]

Entropy:
7.9283  (probably packed)

Code size:
18 KB (18,432 bytes)

Remove UnlockRoot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.