» winja.exe
Overview
Analysis
File Details

winja.exe

PHROZEN SOFTWARE (PHROZEN SAS)

File name:

winja.exe

Publisher:

Phrozen SAS (signed by PHROZEN SOFTWARE (PHROZEN SAS))

Description:

Winja - Catch the presence of Malware in your system.

Version:

1.0.0.0

MD5:

7ef867f4a6285d1d51ef8f275f2336ff

SHA-1:

18e720ce3a0d7b87c49d74ab07bf05be682cd7e0

SHA-256:

9cd6d90efaa34478db366b0feb909e778cebb01764084541fd23ff9ac0feb523

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/6/2024 7:44:12 AM UTC (today)

File size:

12.7 MB (13,267,504 bytes)

Product version:

1.0.0.0

Trademarks:

Phrozen Software™

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\phrozenwinja\winja.exe

Digital Signature

Signed by:

PHROZEN SOFTWARE (PHROZEN SAS)

Authority:

COMODO CA Limited

Valid from:

11/18/2015 1:00:00 AM

Valid to:

11/18/2017 12:59:59 AM

Subject:

CN=PHROZEN SOFTWARE (PHROZEN SAS), O=PHROZEN SOFTWARE (PHROZEN SAS), STREET=12B rue de la Muette, L=Maisons Laffitte, S=Yvelines, PostalCode=78600, C=FR

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00DC9768E6091113E137EAF897D0436221

File PE Metadata

Compilation timestamp:

5/28/2016 5:30:39 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

98304:B3rRkjmdHqXoeor1WlhcPt2X9doMd0W3SpI:VRKKHioeor1ihcPQ7ykSpI

Entry address:

0x6EC930

Entry point:

55, 48, 83, EC, 50, 48, 8B, EC, 48, C7, 45, 28, 00, 00, 00, 00, 48, C7, 45, 40, 00, 00, 00, 00, 48, C7, 45, 38, 00, 00, 00, 00, 48, C7, 45, 30, 00, 00, 00, 00, 48, C7, 45, 48, 00, 00, 00, 00, 90, 48, 8D, 0D, 00, 57, FE, FF, E8, F3, AB, 92, FF, 90, 48, 8B, 05, 9B, 74, 09, 00, C6, 00, 01, 48, 8B, 05, 71, 71, 09, 00, 48, 8B, 08, 48, 8D, 15, 03, 04, 00, 00, 4D, 33, C0, E8, 9F, 05, E0, FF, 66, 89, 05, D0, 77, 12, 00, 48, 8D, 4D, 48, 48, 0F, B7, 15, C4, 77, 12, 00, E8, A7, AB, D7, FF, 48, 8B, 4D, 48, E8, DE, 01... 
[+]

Code size:

6.9 MB (7,258,112 bytes)

Scan winja.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.