» ws_a_test_br_201382102320.exe
Overview
Analysis
File Details
Programs (1)

ws_a_test_br_201382102320.exe

EMG Technology Limited

The application ws_a_test_br_201382102320.exe by EMG Technology Limited has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program AirZip by EMG Technology Limited which is a potentially unwanted software program.

File name:

Publisher:

SoftStud (signed by EMG Technology Limited)

Description:

SoftStud

Version:

1.0.4.1953

MD5:

5bc7220b2339dc593ec74c8e3c741941

SHA-1:

50656533552a96b0bcfb76aed1312c8bdca3bdf6

SHA-256:

0a1b4e1c7a24e85b58b37cdf97fdc81a545a1e60c5a5842a1c6ea1cb0078d411

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 9:26:25 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.3.9.23

File size:

825.1 KB (844,944 bytes)

Product version:

1.0.4.1953

Original file name:

SoftStud.exe

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\Program Files\airzip\ws_a_test_br_201382102320.exe

Digital Signature

Signed by:

EMG Technology Limited

Authority:

GlobalSign nv-sa

Valid from:

7/31/2013 1:20:50 AM

Valid to:

8/1/2014 1:20:50 AM

Subject:

CN=EMG Technology Limited, O=EMG Technology Limited, L=HongKong, S=HongKong, C=HK

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11214B00008DA514B60ED8EE5329E4DF7F28

File PE Metadata

Compilation timestamp:

9/21/2013 11:18:15 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:nSxYBs3cFui6l7yxgjLiqFppUZnE7F2IZxN2fBuA:GY1jdxgCuQE7FjIBuA

Entry address:

0x685C7

Entry point:

E8, A1, F3, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 53, 8B, 5D, 10, 8B, C3, 56, 83, E8, 00, 0F, 84, DC, 16, 00, 00, 48, 0F, 84, C4, 16, 00, 00, 48, 0F, 84, 8E, 16, 00, 00, 48, 0F, 84, 3D, 16, 00, 00, 8B, 55, 0C, 48, 0F, 84, AB, 15, 00, 00, 8B, 75, 08, 57, 83, FB, 20, 0F, 82, A1, 04, 00, 00, 8B, 06, 3B, 02, 0F, 84, 80, 00, 00, 00, 0F, B6, F8, 0F, B6, 02, 2B, F8, 74, 16, 33, C9, 85, FF, 0F, 9F, C1, 8D, 0C, 4D, FF, FF, FF, FF, 85, C9, 0F, 85, 9B, 08, 00, 00, 0F, B6, 7E, 01, 0F, B6, 42, 01, 2B, F8, 74, 16, 33... 
[+]

Entropy:

6.7414

Code size:

526.5 KB (539,136 bytes)

The file ws_a_test_br_201382102320.exe has been discovered within the following program.

AirZip by EMG Technology Limited

Publisher's description - “Airzip is a free and easy to use compression software that is based on 7-Zip technology. With its fast compression engine,Airzip is a powerful tool for unzipping Zip archives, creating Zip-compatible files and other archiving software.”

airzip.webssearches.com

About 60% of users remove it

Remove ws_a_test_br_201382102320.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.