home

boite.exe

BANANAS MEDIA

The application boite.exe by BANANAS MEDIA has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
BANANAS MEDIA  (signed and verified)

Version:
0.0.0.0

MD5:
1dfc698e2a68e429f59f4457fe56671f

SHA-1:
189536cbb9fe564f4c7eaa2fc97f4c0bfbff15dd

SHA-256:
2f23ee3d1cc1a82292dc54cc920695dbf006c6d7c1a6863a718c2b4a8099117a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 5:08:22 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Downloader.BANANASM.Meta (M)
16.7.1.15

File size:
13 KB (13,320 bytes)

Original file name:
boite.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\utorrent\boite.exe

Digital Signature
Signed by:
BANANAS MEDIA

Authority:
thawte, Inc.

Valid from:
8/11/2015 5:30:00 AM

Valid to:
8/11/2016 5:29:59 AM

Subject:
CN=BANANAS MEDIA, O=BANANAS MEDIA, L=PARIS, S=PARIS, C=FR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6DA942780D04295679C2C70A33576AA4

File PE Metadata
Compilation timestamp:
9/24/2015 1:50:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:USqicxegrbSbX5SsjS/H22rftHbIiSU7qFuVwZ4r:fXEb4Ssjuftcsek

Entry address:
0x3D8E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.6765

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
7.5 KB (7,680 bytes)

Remove boite.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.