wincmd.exe

wincmd

MM Studio

Publisher:
MM Studio  (signed and verified)

Product:
wincmd

Version:
1.32

MD5:
3b266507e37a9e38c2125dd149314e8a

SHA-1:
f84a020fb839bf9f80d6584be460df90461b293d

SHA-256:
0f245fa4f9c76a5665bcc19be4dd88ebc997d82c96f8bb5edfc909981b16b7ce

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/27/2024 5:21:52 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
probably BACKDOOR.Trojan
9.0.1.05190

F-Prot
W32/VB-Backdoor-PEK-based!Maxim
4.6.5.141

File size:
517.5 KB (529,880 bytes)

Product version:
1.32

Copyright:
MM Studio

Trademarks:
MM Studio

Original file name:
wincmd.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\wincmd\wincmd.exe

Digital Signature
Signed by:

Authority:
Unizeto Technologies S.A.

Valid from:
10/5/2011 1:45:44 PM

Valid to:
8/7/2012 1:45:44 PM

Subject:
C=PL, O=MM Studio, OU=Swidnik, CN=MM Studio Maciej Piwko, E=biuro@mmstudio.pl

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
4BEC754AF8C012D0095DF2DBF10E930B

File PE Metadata
Compilation timestamp:
5/9/2012 11:25:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:4OL5VGI/qpHlHNHRxAMO0MtDZvGCMq9DAV/SK345sGyahiyRxZeA/Edu:bVcPFHOkoZGSk0Oah9RxZeAMu

Entry address:
0x51B8

Entry point:
68, 90, 55, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 8F, B9, DC, 80, E7, B3, C2, 4A, 8F, 07, 31, C3, DC, A2, 1F, 2A, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 69, 6E, 63, 6D, 64, 6E, 6E, 74, 00, 30, 34, 36, 7D, 23, 32, 2E, 00, 00, 00, 00, 01, 00, 17, 00, 30, 92, 40, 00, 00, 00, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, 00, 00, 00, 00, D4, 96, 40, 00, D8, E1, 47, 00, 00, 00, 00, 00, 28, 68, 1F, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
500 KB (512,000 bytes)

Windows Firewall Allowed Program
Name:
C:\WINDOWS\wincmd\wincmd.exe


Scan wincmd.exe - Powered by Reason Core Security