winrtgen.exe

Rainbow Tables Generator

oxid.it

The executable winrtgen.exe has been detected as malware by 7 anti-virus scanners.
Publisher:
oxid.it

Product:
Rainbow Tables Generator

Version:
2, 9, 0, 4

MD5:
ded96852a856a12d9b4491754d1b127f

SHA-1:
60f8e7f88cfdbc632897153083951fed93413a28

SHA-256:
fc813cd2073ce3a6b3c789e744aff9c8eca981126826b774eae24df5366b46e9

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
4/26/2024 10:22:37 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Suspicious | 7.1.1 |
| Comodo Security | Packed.Win32.MUPX.Gen | 17831 |
| K7 AntiVirus | Riskware | 13.175.10881 |
| McAfee | Artemis!DED96852A856 | 5600.7237 |
| Norman | Troj_Generic.RXRGX | 11.20140127 |
| Panda Antivirus | Malicious Packer | 14.01.27.09 |
| Trend Micro House Call | TROJ_GEN.R0C1H07LB13 | 7.2.27 |

File size:
385 KB (394,240 bytes)

Product version:
2, 9, 0, 4

Copyright:
Copyright© 2004-2013 Massimiliano Montoro

Original file name:
winrtgen.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cain\winrtgen\winrtgen.exe

File PE Metadata
Compilation timestamp:
12/3/2013 2:52:10 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:ni7UjUh2wuL+mP12YBT2518bxU6IT0yUB/AkHhWUfCLN8+OB8MB0/Y:imKLmP12YB28bxU9e/AkHFfChQB8/

Entry address:
0x14273D

Entry point:
F2, C7, C6, F5, E4, 17, 7E, 8B, CF, 0F, BA, FF, 95, 0F, A5, F7, FE, CC, 0F, A5, D3, 85, DA, 0F, AF, FE, F3, 85, EF, 0F, C9, D1, D6, 0F, BD, EF, 31, CB, 25, EC, FF, C6, 71, 80, F8, 4F, 4E, 0F, BA, E5, BB, 0F, BA, F2, 49, 65, 0F, BA, FF, 95, 69, FE, 65, 94, 07, AE, F7, C3, 24, 57, BE, 89, 26, 89, EE, C0, DC, 93, 0F, BA, F2, 61, 48, 8B, F5, C0, DC, 2B, 0C, 39, 48, 0F, BB, F7, 80, DC, C3, 08, C2, 0F, BA, E9, 9C, 0F, CF, 0F, AC, FD, 5B, 0F, CA, 0F, B7, CF, 87, F1, 86, E7, C1, F3, C1, F6, D8, 81, D6, 8D, 1C, 6F...
 

Entropy:
7.9159  (probably packed)

Code size:
380 KB (389,120 bytes)
