home

winja.exe

PHROZEN SOFTWARE (PHROZEN SAS)

Publisher:
Phrozen SAS  (signed by PHROZEN SOFTWARE (PHROZEN SAS))

Description:
Winja - Catch the presence of Malware in your system.

Version:
2.0.0.0

MD5:
8df5c3616bfd1adaa7c005e3433f6c0d

SHA-1:
1e076ad4295c1310a1d018e26730ea34e541d7ad

SHA-256:
efc13be458d97beee604569b883cab82299072d65f7d817b55eee9b2c87cb08a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 7:55:31 AM UTC  (today)

File size:
13 MB (13,588,784 bytes)

Product version:
2.0.0.0

Copyright:
(c) 2016

Trademarks:
Phrozen Software™

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\phrozenwinja\winja.exe

Digital Signature
Signed by:
PHROZEN SOFTWARE (PHROZEN SAS)

Authority:
COMODO CA Limited

Valid from:
11/18/2015 12:00:00 AM

Valid to:
11/17/2017 11:59:59 PM

Subject:
CN=PHROZEN SOFTWARE (PHROZEN SAS), O=PHROZEN SOFTWARE (PHROZEN SAS), STREET=12B rue de la Muette, L=Maisons Laffitte, S=Yvelines, PostalCode=78600, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DC9768E6091113E137EAF897D0436221

File PE Metadata
Compilation timestamp:
9/4/2016 11:16:39 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:LtkKYS+dIYZJFv4j+jbcQ0BAS+mgHDgkyYD4oGv2kOcpWdWw0b5OfOj3bLqpHIyE:erjHv5oeof7VEBcPt2X9dNMd0W1U0y9U

Entry address:
0x6C2AF0

Entry point:
55, 48, 83, EC, 50, 48, 8B, EC, 48, C7, 45, 28, 00, 00, 00, 00, 48, C7, 45, 40, 00, 00, 00, 00, 48, C7, 45, 38, 00, 00, 00, 00, 48, C7, 45, 30, 00, 00, 00, 00, 48, C7, 45, 48, 00, 00, 00, 00, 90, 48, 8D, 0D, E0, E7, FD, FF, E8, A3, 5C, 95, FF, 90, 48, 8B, 05, 4B, A5, 09, 00, C6, 00, 01, 48, 8B, 05, 29, A2, 09, 00, 48, 8B, 08, 48, 8D, 15, 13, 03, 00, 00, 4D, 33, C0, E8, EF, A6, DD, FF, 66, 89, 05, A8, A6, 12, 00, 48, 8D, 4D, 48, 48, 0F, B7, 15, 9C, A6, 12, 00, E8, E7, 7F, D6, FF, 48, 8B, 4D, 48, E8, 5E, 16...
 
[+]

Entropy:
6.2822

Code size:
6.8 MB (7,086,080 bytes)

Scan winja.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.