home

wimaia85.exe

Manutius.com MicroSetup for WinImage

Gilles Vollant

This is a self-extracting archive and installer. The file has been seen being downloaded from www.winimage.com.
Publisher:
WinImage  (signed by Gilles Vollant)

Product:
Manutius.com MicroSetup for WinImage

Description:
WinImage MicroSetup

Version:
1, 0, 0, 1

MD5:
b19b895c1567c244d75b4e85aa45d9d0

SHA-1:
e1f96aec164c93939c30d1993e78c7ec0a4fc2a9

SHA-256:
bcef5a898fedd94dd85e87865c34a57d1c07b9bdbf3985065bd135fc67722db4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/4/2025 7:03:02 AM UTC  (today)

File size:
1.4 MB (1,506,304 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2001 François Liger for WinImage

Original file name:
MicroSetup.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\wimaia85.exe

Digital Signature
Signed by:
Gilles Vollant

Authority:
GlobalSign nv-sa

Valid from:
4/16/2007 8:16:28 PM

Valid to:
4/16/2010 8:16:28 PM

Subject:
E=info@winimage.com, CN=Gilles Vollant, C=FR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000111FB9C2CBD

File PE Metadata
Compilation timestamp:
10/26/2009 9:31:23 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:atugaNOQNHFqIwLZ15fS0ZjW2vyOAn5lBvpb1kT1rBApPI2r4pm+HXcfWlctG8:G8vHVwLZLSCu5lBvUVAlI2r4kAcfUUG8

Entry address:
0x1A030

Entry point:
E0, 82, 01, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00, 60, 8A, 00, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00, C0, 88, 01, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00, AE, B4, E2, 45, C3, B1, D0, 11, B9, 2F, 00, A0, C9, 03, 12, E1, EE, 14, 02, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 01, 14, 02, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 0B, 01, 00, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 00, 2D, 00, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00...
 
[+]

Code size:
94.5 KB (96,768 bytes)

The file wimaia85.exe has been seen being distributed by the following URL.

http://www.winimage.com/.../wimaia85.exe

Scan wimaia85.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.