home

win8wifi.exe

7ZSfxNew

BAT2EXE.NET

This is a setup program which is used to install the application. The file has been seen being downloaded from europa.iscsp.utl.pt.
Publisher:
BAT2EXE.NET

Product:
7ZSfxNew

Description:
Created by BAT2EXE

Version:
1, 1, 0, 0

MD5:
52569dc8cf1aeee72ed208f4689ad99d

SHA-1:
7306c67d6b3ecb405e66ab945ce1a0259d6cc23c

SHA-256:
73d002f2e3760361854fd9087d6531da164ab30ac44d5c0c25420cbb333306a9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/1/2025 2:25:39 PM UTC  (today)

Scan engine
Detection
Engine version

Zillya! Antivirus
Backdoor.DarkKomet.Win32.23643
2.0.0.2182

File size:
265.1 KB (271,413 bytes)

Product version:
1, 1, 0, 0

Copyright:
Copyright © BAT2EXE

Trademarks:
By Islam Adel

Original file name:
7ZSfxNew.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\win8wifi.exe

File PE Metadata
Compilation timestamp:
7/22/2007 4:33:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:Q82gI9vcGEJ4dEIzJf/iqg+xObxd7oXQnk0UbmWXHSXFlOgUADQWsNc6C:QjvctN6JndHxObX7o30l/aZAgNcF

Entry address:
0x33EA0

Entry point:
60, BE, 00, 70, 42, 00, 8D, BE, 00, A0, FD, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
56 KB (57,344 bytes)

The file win8wifi.exe has been seen being distributed by the following URL.

http://europa.iscsp.utl.pt/.../win8wifi.exe

Scan win8wifi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.