home

wr.exe

Website Realizer

Adritech Software Company Limited

Publisher:
Adritech Software Company Limited  (signed and verified)

Product:
Website Realizer

Version:
1.7.16.0

MD5:
5367093496d6acdd68b81eeec5a36b20

SHA-1:
c1ab7901e789c0fd5d868887fa0a939bf3a95339

SHA-256:
93d533dd55ab281278b7f53cb3a6ba802ec1b949035cf09eb407e7bcbf0c13c1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/20/2024 12:32:36 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.Packed!1.9C4E
23.00.65.14218

File size:
29.8 MB (31,241,944 bytes)

Product version:
1.7.16.0

Copyright:
Copyright © 2010-2014 Adritech Software Company Limited

Original file name:
wr.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\website realizer\wr.exe

Digital Signature
Signed by:
Adritech Software Company Limited

Authority:
COMODO CA Limited

Valid from:
8/8/2013 8:00:00 PM

Valid to:
8/9/2014 7:59:59 PM

Subject:
CN=Adritech Software Company Limited, O=Adritech Software Company Limited, STREET=15 Yat Ming Rd, L=Fan Ling, S=New Territories, PostalCode=HK, C=HK

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00931232AF58C2D9B210202A024A53EE63

File PE Metadata
OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
786432:0oterdXAFEFnWMob0zh3ZscKmeVlSUVNPqHuL:nC5AKWxqwch6oUVI0

Entry address:
0x4DF0000

Entry point:
68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 40, 00, 68, 00, F0, 1E, 05, E9, 00, 04, 00, 00, CE, 21, 00, 00, 00, 00, 00, 00, 20, 21, 00, 00, 36, 21, 00, 00, 4A, 21, 00, 00, 5C, 21, 00, 00, 0E, 21, 00, 00, 7E, 21, 00, 00, 8A, 21, 00, 00, 96, 21, 00, 00, 6E, 21, 00, 00, 00, 21, 00, 00, 00, 00, 00, 00, B4, 21, 00, 00, 00, 00, 00, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 64, 75, 6D, 6D, 79, 00, 6B, 65, 72, 6E, 65, 6C, 33...
 
[+]

Entropy:
7.9822  (probably packed)

Code size:
19.6 MB (20,582,400 bytes)

Scan wr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.