home

wsarc_add.exe

aignes.com - Martin Aignesberger

Publisher:
aignes.com - Martin Aignesberger  (signed and verified)

MD5:
94f1dc6e8444dff99ec10b0435859a55

SHA-1:
d52d954dc82668f5c0bd5cbc4f98586d87b911a7

SHA-256:
a9893299db448d7b35b929ee1e208bee46cedf8fe6d90f3d80d538bcc713c9d1

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/25/2024 12:30:25 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan-Dropper.Win32.Agent.qqu
15.06.12

Prevx
Suspicious
3.0.6

File size:
47.6 KB (48,760 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\local website archive\wsarc_add.exe

Digital Signature
Signed by:
aignes.com - Martin Aignesberger

Authority:
The USERTRUST Network

Valid from:
10/16/2006 5:00:00 PM

Valid to:
10/16/2008 4:59:59 PM

Subject:
CN=aignes.com - Martin Aignesberger, O=aignes.com - Martin Aignesberger, STREET=Goethestrasse 10, L=Attnang-Puchheim, S=Austria, PostalCode=4800, C=AT

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0ADC8A49EEC8BDE57110664A23F9FE97

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
768:qp8N1w4WE5leDSVv6QHl9CJraK57iZJFpf+YsYDi4qtIMGH337L3R9BNN:qQiFKv8J2AnYFDeC7PBNN

Entry address:
0x8524

Entry point:
55, 8B, EC, B9, 05, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, B8, DC, 84, 40, 00, E8, 53, C3, FF, FF, 33, C0, 55, 68, 01, 87, 40, 00, 64, FF, 30, 64, 89, 20, 8D, 55, EC, A1, 7C, 93, 40, 00, 8B, 00, E8, 82, D5, FF, FF, 8B, 55, EC, B8, A0, A7, 40, 00, E8, 85, B4, FF, FF, 8D, 55, E8, A1, A0, A7, 40, 00, E8, 80, D1, FF, FF, 8B, 55, E8, B8, 18, 87, 40, 00, E8, AF, B7, FF, FF, 85, C0, 0F, 8E, DD, 00, 00, 00, B8, 9C, A7, 40, 00, 8B, 15, A0, A7, 40, 00, E8, 53, B4, FF, FF, 68, A8, A7, 40, 00, 8B, 15, 9C, A7, 40, 00...
 
[+]

Entropy:
6.2976

Developed / compiled with:
Microsoft Visual C++

Code size:
30 KB (30,720 bytes)

Scan wsarc_add.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.