winchm pro v4.02_patch.exe

The application winchm pro v4.02_patch.exe has been detected as a potentially unwanted program by 29 anti-malware scanners.
MD5:
64282d58cb44def2c0f9f09d705af618

SHA-1:
e2367f6484c4e0b7a9316b211c8653e69bf1895d

SHA-256:
8b3d1016715622b8a0d25086ed963f45c2b214092b3adedd788a254964b73f4d

Scanner detections:
29 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:16:14 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Backdoor.Generic.380801 | 1018 |
| Agnitum Outpost | Backdoor.Agent | 7.1.1 |
| Avira AntiVirus | BDS/Gendal.223744 | 7.11.140.84 |
| Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.14423 |
| Bitdefender | Backdoor.Generic.380801 | 1.0.20.565 |
| Bkav FE | W32.Clodbaa.Trojan | 1.3.0.4959 |
| Comodo Security | UnclassifiedMalware | 18022 |
| Emsisoft Anti-Malware | Backdoor.Generic.380801 | 8.14.04.23.04 |
| ESET NOD32 | Win32/HackTool.Patcher (variant) | 8.9615 |
| Fortinet FortiGate | PossibleThreat.w | 4/23/2014 |
| F-Prot | W32/Backdoor2.DAPG | v6.4.7.1.166 |
| F-Secure | Backdoor.Generic.380801 | 11.2014-23-04_4 |
| G Data | Backdoor.Generic.380801 | 14.4.24 |
| IKARUS anti.virus | Backdoor.Win32.SuspectCRC | t3scan.2.2.29 |
| K7 AntiVirus | Backdoor | 13.176.11595 |
| Malwarebytes | PUP.RiskwareTool.CK | v2014.04.23.04 |
| McAfee | Generic.dx!64282D58CB44 | 5600.7152 |
| MicroWorld eScan | Backdoor.Generic.380801 | 15.0.0.339 |
| NANO AntiVirus | Trojan.Win32.Gendal.blhhyc | 0.28.0.58720 |
| Norman | Suspicious_Gen2.BQBRU | 11.20140423 |
| nProtect | Backdoor.Generic.380801 | 14.03.30.01 |
| Panda Antivirus | Trj/CI.A | 14.04.23.04 |
| Qihoo 360 Security | Win32/Backdoor.622 | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.129AC5AB!312133035 | 23.00.65.14421 |
| Sophos | Troj/Crack-AE | 4.98 |
| Total Defense | Win32/Cracker.CC | 37.0.10849 |
| Trend Micro House Call | TROJ_SPNR.08GO11 | 7.2.113 |
| Trend Micro | TROJ_SPNR.08GO11 | 10.465.23 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27884 |

File size:
218.5 KB (223,744 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\softany\winchm\winchm pro v4.02_patch.exe

File PE Metadata
Compilation timestamp:
2/19/2008 9:36:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
6144:VyJPap6fjHtscpEviL3BTCCp/AtTgtkSin4:e5jZpJz1FdqgtkSin4

Entry address:
0x10E7

Entry point:
6A, 00, E8, B4, 26, 00, 00, A3, E0, 93, 40, 00, E8, F4, 27, 00, 00, C7, 05, 0A, 9E, 40, 00, 94, 00, 00, 00, 68, 0A, 9E, 40, 00, E8, A2, 26, 00, 00, 83, 3D, 0E, 9E, 40, 00, 05, 72, 59, 68, 0E, 91, 40, 00, E8, 83, 26, 00, 00, 50, 68, 19, 91, 40, 00, 50, E8, 7D, 26, 00, 00, A3, 9E, 9E, 40, 00, 58, 68, 4C, 91, 40, 00, 50, E8, 6C, 26, 00, 00, A3, A6, 9E, 40, 00, 68, 2D, 91, 40, 00, E8, 57, 26, 00, 00, 68, 37, 91, 40, 00, 50, E8, 52, 26, 00, 00, A3, A2, 9E, 40, 00, 6A, 0A, 6A, 00, 6A, 00, FF, 35, E0, 93, 40, 00...

Packer / compiler:
TASM / MASM

Code size:
25 KB (25,600 bytes)
