home

winbstrramt.exe

IPO Communications

The executable winbstrramt.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
IPO Communications  (signed and verified)

Version:
1.1.0.1

MD5:
93f200e1aff001f4c7e048d8b7a6a631

SHA-1:
848237713f40971bfeb2f9a3ec49fc44fdf96bbf

SHA-256:
048139b2896416a0b856095df91d8e78c488cbc6c2329ba193cec9b39e38265e

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/26/2024 11:21:06 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.12.27.2

File size:
562.2 KB (575,656 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\windowsbooster\winbstrramt.exe

Digital Signature
Signed by:
IPO Communications

Authority:
COMODO CA Limited

Valid from:
6/29/2012 9:00:00 AM

Valid to:
6/30/2013 8:59:59 AM

Subject:
CN=IPO Communications, O=IPO Communications, STREET="504 Freebero Officetel,15-14 Yeouido-dong", L=Yeongdeungpo-gu, S=Seoul, PostalCode=150010, C=KR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
073D112E1D1FEE4840ABCE47AAB412AE

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x7637C

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, DC, 5F, 47, 00, E8, 3F, 09, F9, FF, A1, DC, 8A, 47, 00, 8B, 00, 8B, 10, FF, 52, 34, 8B, 0D, F0, 89, 47, 00, A1, DC, 8A, 47, 00, 8B, 00, 8B, 15, F4, 50, 47, 00, 8B, 18, FF, 53, 30, A1, DC, 8A, 47, 00, 8B, 00, 8B, 10, FF, 52, 38, 5B, E8, C5, E4, F8, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.6091

Developed / compiled with:
Microsoft Visual C++

Code size:
469 KB (480,256 bytes)

Remove winbstrramt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.