The KeySMasterPro-v2.3.exe (AudioWizard Setup Launcher) File Analysis

Updated 5 months ago

Checked by Malware Check

KeySMasterPro-v2.3.exe

Technical Analysis

File Name	KeySMasterPro-v2.3.exe
File Type	Win32 EXE
Magic Bytes	`PE32 executable (GUI) Intel 80386, for MS Windows`
SSDEEP Hash	1572864:si9/7Rkl3GJoZMwVk8Xy5tpv1oCMl+LEH/mnE2zOMfAriNC:d7RGubuk8XyxdoCy+LEfmn9i7iNC
Scanner Version	1.0.207.174
Database Version	2025-02-08 17:00:35 UTC

⚠

Suspicious File Detected

Detected by 11 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

16%

Detection Rate

83,575,766

File Size (bytes)

11/70

Engines Detected

2025-02-08

Analysis Date

Scan Another File

File Identification

Hash Type	Value	Action
MD5	dc38d011ed268eadd8cad1b5bb46770a
SHA1	8daaba4eb339457e840c4ce6dbfd447768bdd570
SHA256	01abdaba682ad0888ef699cdb0879a5e58efedc2598ae27f4460f456ca94e7fc
SHA512	13e64a8bc366c142e8e6ca28d4ab83797ba7f4deff2fe3ed36718e7155530fcea12e142e7db6e9323c38bf521bdf636093b33bcb47952308bd7a64dd2d608a85
ImpHash	8fbad21abda894818fc12da6447303de

Security Engines with Detections (11 of 70)

Bkav

W32.AIDetectMalware Malicious

ESET-NOD32

a variant of Win32/GenKryptik.HGGV Malicious

Avast

PWSX-gen [Trj] Malicious

F-Secure

Trojan.TR/Dropper.Gen Malicious

Avira

TR/Dropper.Gen Malicious

Microsoft

Program:Win32/Wacapew.C!ml Malicious

Cynet

Malicious (score: 99) Malicious

VBA32

BScope.TrojanPSW.Lumma Malicious

Rising

[email protected] (RDML:LxxS3hzR6yE1TRJ2LHuQnA) Malicious

AVG

PWSX-gen [Trj] Malicious

DeepInstinct

MALICIOUS Malicious

59 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

▼

Icon	Hash: 0994d4ac1fb53dafefe9f7e2d809d2c5 Fuzzy: 08fe358a3171e11e38736224bc9dd862 dHash: 554d79355d61634d
Image Base	`0x00400000`
Entry Point	`0x00409270`
Compilation Time	2025-02-04 12:23:24
Checksum	0x000b4b4e (Actual: 0x04fb7aba)
OS Version	6.0
PEiD Signatures	`PE32 executable (GUI) Intel 80386, for MS Windows`
Digital Signature	The expected hash does not match the digest in SpcInfo
Imports	2 libraries KERNEL32, msvcrt
Exports	0 functions
Resources	76 Resources
Sections	5 Sections

Version Information

▼

CompanyName	ICEpower a/s
FileDescription	AudioWizard Setup Launcher
FileVersion	1.0.13.8
InternalName	Setup
LegalCopyright	Copyright (c) 2014 - ICEpower a/s
OriginalFilename	InstallShield Setup.exe
ProductName	AudioWizard
ProductVersion	1.0.13.8
Internal Build Number	158438
ISInternalVersion	22.0.347
ISInternalDescription	Setup Launcher Unicode
Translation	0x0409 0x04b0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00001000`	52,096 bytes	52,224 bytes	6.06 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`5C3F66E6F84626A69F1A0C064F4F978C`
`.rdata`	`0x0000e000`	16,656 bytes	16,896 bytes	5.92 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`0A6E5729EB317C3315C6692B9F2A9917`
`.data`	`0x00013000`	2,024 bytes	1,024 bytes	2.93 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ\|IMAGE_SCN_MEM_WRITE`	`B683A7C2C0D70FC79C772450B713CACA`
`.rsrc`	`0x00014000`	656,705 bytes	656,896 bytes	7.53 (Packed/Encrypted)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`0786FD878ED35FABDFC5B248BAF6D5B4`
`.reloc`	`0x000b5000`	2,272 bytes	2,560 bytes	6.22 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`4BA385AA10A990582756AD597D953F3C`

Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

▼

Total Resources: 76 (652,750 bytes)

Resource Type	Count	Total Size	Percentage
GIF	2	26,438 bytes	4.1%
PNG	2	27,062 bytes	4.1%
RT_BITMAP	6	208,296 bytes	31.9%
RT_ICON	11	26,552 bytes	4.1%
RT_DIALOG	23	9,914 bytes	1.5%
RT_STRING	25	19,588 bytes	3%
RT_RCDATA	1	331,776 bytes	50.8%
RT_GROUP_ICON	3	172 bytes	0%
RT_VERSION	1	1,008 bytes	0.2%
RT_MANIFEST	2	1,944 bytes	0.3%

Certificate Chain Analysis

▼

Certificate Information

Product	AudioWizard
Description	AudioWizard Setup Launcher
File Version	1.0.13.8
Original Name	InstallShield Setup.exe
Signing Date	04:00 AM 01/08/2019 (2376 days ago)
Verification Status	The digital signature of the object did not verify.
Signers	ICEpower a/s; DigiCert EV Code Signing CA (SHA2); DigiCert
Counter Signers	DigiCert SHA2 Timestamp Responder; DigiCert SHA2 Assured ID Timestamping CA; DigiCert
Internal Name	Setup
Copyright	Copyright (c) 2014 - ICEpower a/s

Certificate Chain Summary

ICEpower a/s #1 Primary

Validity Period: 2018-01-08 00:00:00 → 2020-12-09 12:00:00

Signature Algorithm: sha256RSA

Serial Number: 0B 9D E2 34 3A C1 3F 9F DF 2B C2 D7 F3 A6 C2 00

DigiCert EV Code Signing CA (SHA2) #2 Chain

Validity Period: 2012-04-18 12:00:00 → 2027-04-18 12:00:00

Signature Algorithm: sha256RSA

Serial Number: 03 F1 B4 E1 5F 3A 82 F1 14 96 78 B3 D7 D8 47 5C

DigiCert SHA2 Timestamp Responder #3 Chain

Validity Period: 2017-01-04 00:00:00 → 2028-01-18 00:00:00

Signature Algorithm: sha256RSA

Serial Number: 09 C0 FC 46 C8 04 42 13 B5 59 8B AF 28 4F 4E 41

DigiCert SHA2 Assured ID Timestamping CA #4 Chain

Validity Period: 2016-01-07 12:00:00 → 2031-01-07 12:00:00

Signature Algorithm: sha256RSA

Serial Number: 0A A1 25 D6 D6 32 1B 7E 41 E4 05 DA 36 97 C2 15

✓ This file has been digitally signed and the certificate chain has been verified

The signature ensures file integrity and authenticity from the publisher
Timestamping proves when the signature was applied

Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
Email Security: Be cautious with email attachments and links, even from known contacts.

Proactive Protection

11 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.

Your Score for

5 4 3 2 1

The KeySMasterPro-v2.3.exe (AudioWizard Setup Launcher) File Analysis

Technical Analysis

Suspicious File Detected

Scan Another File

File Identification

Security Engines with Detections (11 of 70)

PE Analysis

Basic Information

Version Information

PE Sections

Entropy Analysis Alert

Resource Analysis

Certificate Chain Analysis

Certificate Information

Certificate Chain Summary

Certificate Verification Status

Remember: This is Result of Online Virus Scanner

Keep Your System Protected

Leave a Comment

Gridinsoft Anti-Malware