home

wincmd32.exe

Windows Commander

C. Ghisler & Co.

This is a setup program which is used to install the application. The file has been seen being downloaded from raymeza.synology.me.
Publisher:
C. Ghisler & Co.

Product:
Windows Commander

Description:
Windows Commander 32 bit international version, file manager replacement for Windows

Version:
5.11

MD5:
fd561b414e01c351bac35df2fe44eee9

SHA-1:
ad80b48cfd9d72c4f161ae2df5e05fcfc0a9c0a4

SHA-256:
e2b3126c9347b351974e02666294d1db774ef9ed2ac0bb8f083ae43f58627ae9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 7:26:05 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.ASPack
0.98/18011

File size:
631 KB (646,180 bytes)

Product version:
5.11

Copyright:
Copyright © 1993-2002 Christian Ghisler

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:AruGclNwncHEHBQPRcRvXyWBd+cSUs717+hScVPTrwRKFKGCHiVUnJCmzJS:Ah1GIv5WUs7ZVRKoGCCVUJCU0

Entry address:
0x1CF001

Entry point:
60, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, F0, 1C, 00, 83, BD, 22, 04, 00, 00, 00, 89, 9D, 22, 04, 00, 00, 0F, 85, 65, 03, 00, 00, 8D, 85, 2E, 04, 00, 00, 50, FF, 95, 4D, 0F, 00, 00, 89, 85, 26, 04, 00, 00, 8B, F8, 8D, 5D, 5E, 53, 50, FF, 95, 49, 0F, 00, 00, 89, 85, 4D, 05, 00, 00, 8D, 5D, 6B, 53, 57, FF, 95, 49, 0F, 00, 00, 89, 85, 51, 05, 00, 00, 8D, 45, 77, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72...
 
[+]

Packer / compiler:
ASPack v2.12

Code size:
1.4 MB (1,441,280 bytes)

The file wincmd32.exe has been discovered within the following programs.

Total Commander (Remove or Repair)  by Ghisler Software GmbH
Total Commander is an Orthodox File Manager (OFM) for Windows that features include a built-in FTP client, tabbed interface, file compare, archive file navigation, and a versatile multi-rename tool with regular expression support.
www.ghisler.com
8% remove it
 
Powered by Should I Remove It?

The file wincmd32.exe has been seen being distributed by the following URL.

http://raymeza.synology.me:5000/.../WINCMD32.EXE

Scan wincmd32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.