» winamp5666_full_all.exe
Overview
Analysis
File Details
Programs (2)
Downloads (2203)

winamp5666_full_all.exe

Winamp Installer

Nullsoft Inc.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with multiple programs including Winamp. The file has been seen being downloaded from filehippo.com and multiple other hosts.

File name:

Publisher:

Nullsoft, Inc. (signed by Nullsoft Inc.)

Product:

Winamp Installer

Version:

5.6.6.3516

MD5:

110cd80079e9572aef511b0491e63b8c

SHA-1:

f702c19824ccf5471caeaee6fccc4e27558ae934

SHA-256:

d26d4c7e583a6a6f46011ea0cebd32e20499ce22c0058bb8b30e010d927221ec

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/22/2024 5:00:32 PM UTC (today)

Scan engine

Detection

Engine version

Emsisoft Anti-Malware

Gen:Variant.Graftor.66610

8.13.12.24.12

File size:

16.4 MB (17,163,336 bytes)

Product version:

5.66 Build 3516

Trademarks:

Nullsoft and Winamp are trademarks of Nullsoft, Inc.

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\winamp5666_full_all.exe

Digital Signature

Signed by:

Nullsoft Inc.

Authority:

America Online Inc.

Valid from:

3/15/2011 8:25:39 PM

Valid to:

3/14/2016 8:25:39 PM

Subject:

CN=Nullsoft Inc., OU=Winamp, O=Nullsoft Inc., C=US

Issuer:

CN=AOL Member CA, O=America Online Inc., L=Dulles, S=Virginia, C=US

Serial number:

5AA8C9C387719F49A16AF24065565550

File PE Metadata

Compilation timestamp:

2/24/2012 9:19:59 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

393216:pPok9LHTgm7KWhXezVeEzirPuj7/oo2g2ud8MvnBLm:RokdTf7fcirGj7/ooB22vB6

Entry address:

0x39E3

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00... 
[+]

Entropy:

7.9967

Packer / compiler:

Nullsoft install system v2.x

Code size:

28 KB (28,672 bytes)

The file winamp5666_full_all.exe has been discovered within the following programs.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

Winamp by Nullsoft, Inc

Winamp is a media player for Windows-based PCs and Android devices, written by Nullsoft, now a subsidiary of AOL.

www.winamp.com

9% remove it

The file winamp5666_full_all.exe has been seen being distributed by the following 50 URLs.