home

boite.exe

BANANAS MEDIA

The application boite.exe by BANANAS MEDIA has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
BANANAS MEDIA  (signed and verified)

Version:
0.0.0.0

MD5:
c87a0d6022e743b94633096b3656be79

SHA-1:
13cb2be27b4c1e937a787bf81d6b0451d31753d0

SHA-256:
50a7fa76cd9c28ec6283350793c191c71ec407bd2f0c85d159e7be3c3e0dd575

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 4:48:55 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Downloader.BANANASM.Meta (M)
16.7.1.15

File size:
13 KB (13,320 bytes)

Original file name:
boite.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\Musicloud\boite.exe

Digital Signature
Signed by:
BANANAS MEDIA

Authority:
thawte, Inc.

Valid from:
8/10/2015 7:00:00 PM

Valid to:
8/10/2016 6:59:59 PM

Subject:
CN=BANANAS MEDIA, O=BANANAS MEDIA, L=PARIS, S=PARIS, C=FR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6DA942780D04295679C2C70A33576AA4

File PE Metadata
Compilation timestamp:
8/11/2015 9:17:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:EoSqicxegrbSbX5SsjS/H22rftHdrIi07qFuVwZi:EbXEb4Ssjuft9s9ek

Entry address:
0x3D8E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.6780

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
7.5 KB (7,680 bytes)

Remove boite.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.