home

wavtoasf.exe

Wave To ActiveMovie Stream Converter

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable wavtoasf.exe has been detected as malware by 10 anti-virus scanners.
Publisher:
Microsoft Corporation*  (Invalid match)

Product:
Wave To ActiveMovie Stream Converter

Version:
3.0.0.1280

MD5:
4cde71925f8ee1b1b7e6b2b474026f99

SHA-1:
560766bedc64b7a79121f8408c1d2dc4107bb676

SHA-256:
89679aa6e93d4147c3120b82d5e5c15cda5fc4b326952f8dfd6f739e5b952084

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
5/12/2025 3:06:32 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Agent.83024
7.11.124.184

avast!
Win32:CIH-G@dam
2014.9-140315

Bkav FE
W32.Clod950.Trojan
1.3.0.4613

Comodo Security
UnclassifiedMalware
17592

G Data
Win32.Trojan.Agent.0M3BHD
14.3.22

IKARUS anti.virus
Trojan-Dropper.Agent
t3scan.2.2.29

McAfee
Artemis!5CF63F2D617A
5600.7191

Norman
Suspicious_Gen2.UXYOU
11.20140315

Trend Micro House Call
TROJ_GEN.R0CBH07K313
7.2.74

VIPRE Antivirus
Trojan.Win32.Generic
25314

File size:
81.1 KB (83,024 bytes)

Product version:
3.0.0.1280

Copyright:
Copyright (C) Microsoft Corp. 1995-1996

Original file name:
WAVTOASF

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\microsoft office\office\wavtoasf.exe

File PE Metadata
Compilation timestamp:
12/19/1997 9:12:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
5.10

CTPH (ssdeep):
1536:K9SnrROZ2FiyDk0PaYbGbP66ocD+vvMqn+wvLZHHH:mArROcFiyDk0yNa0CJvLZHHH

Entry address:
0x10A80

Entry point:
55, 8B, EC, 6A, FF, 68, D8, 29, 00, 01, 68, A0, 0F, 01, 01, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, E0, 53, 56, 57, 89, 65, E8, C7, 45, FC, 00, 00, 00, 00, 6A, 01, FF, 15, F0, 10, 00, 01, 83, C4, 04, C7, 05, 6C, 4E, 01, 01, FF, FF, FF, FF, C7, 05, 70, 4E, 01, 01, FF, FF, FF, FF, FF, 15, EC, 10, 00, 01, 8B, 0D, 68, 4E, 01, 01, 89, 08, FF, 15, CC, 10, 00, 01, 8B, 15, 64, 4E, 01, 01, 89, 10, A1, C4, 10, 00, 01, 8B, 08, 89, 0D, 74, 4E, 01, 01, E8, 96, 04, 00, 00, A1, 10, 3E, 01, 01, 85...
 
[+]

Entropy:
5.9927

Developed / compiled with:
Microsoft Visual C++

Code size:
70 KB (71,680 bytes)

Remove wavtoasf.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.