home

WindowsApplication11.exe

WindowsApplication11

Product:
WindowsApplication11

Version:
1.0.0.0

MD5:
d674d13e2936edd1711f072e77ea7c22

SHA-1:
ab2221f5a32af0e7fbf0d36509641840769eeeaa

SHA-256:
2f7683deb65789b4f51765ce97b79769eae7d77a76284179f5e300776ec0e7f4

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/26/2024 3:25:03 PM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Gen.m9us
2.1.4+

F-Prot
W32/S-1d9c520b
v6.4.7.1.166

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1120

File size:
32 KB (32,768 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
WindowsApplication11.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\windowsapplication11.exe

File PE Metadata
Compilation timestamp:
5/20/2016 7:26:13 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:F7wYBrDNxfEbZIuBaHSevktEgqFwPf2XVZL6Lk24jXPl9ck3XECcz8yO9agPQ0Fk:FEqpONIaKktduq2lA2XPb5F

Entry address:
0x639E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 85, 1E, 3F, 57, 00, 00, 00, 00, 02, 00, 00, 00, 1C, 01, 00, 00, 1C, 80, 00, 00, 1C, 48, 00, 00, 52, 53...
 
[+]

Entropy:
4.9993

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
17 KB (17,408 bytes)

The file WindowsApplication11.exe has been seen being distributed by the following 2 URLs.

http://download1446.mediafire.com/bd8aafzb9t8g/.../WindowsApplication11.exe

http://download1446.mediafire.com/5jkljt33zo4g/.../WindowsApplication11.exe

Scan WindowsApplication11.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.