» winja.exe
Overview
Analysis
File Details

winja.exe

PHROZEN SOFTWARE (PHROZEN SAS)

File name:

winja.exe

Publisher:

Phrozen SAS (signed by PHROZEN SOFTWARE (PHROZEN SAS))

Description:

Winja - Catch presense of Malware in your system

Version:

2.0.0.0

MD5:

21bef2f30f4db7d1c07a24a173fe908a

SHA-1:

42e64c6f4ef087fa55a2e371ab4a9f4703c720bf

SHA-256:

1906052acf300d1cd13f3db246267b97e68a986cda2420b1db6fdc31dd84bcc4

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/6/2024 7:42:15 AM UTC (today)

File size:

9.2 MB (9,620,784 bytes)

Product version:

2.0.0.0

Trademarks:

Phrozen Software™

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

PHROZEN SOFTWARE (PHROZEN SAS)

Authority:

COMODO CA Limited

Valid from:

11/18/2015 2:00:00 AM

Valid to:

11/18/2017 1:59:59 AM

Subject:

CN=PHROZEN SOFTWARE (PHROZEN SAS), O=PHROZEN SOFTWARE (PHROZEN SAS), STREET=12B rue de la Muette, L=Maisons Laffitte, S=Yvelines, PostalCode=78600, C=FR

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00DC9768E6091113E137EAF897D0436221

File PE Metadata

Compilation timestamp:

9/4/2016 1:16:49 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:Lhe2Mdp4yGcc0ywWicMNuHV94I8Pg/YoK+8RgoN2BcPt2X9dlLkmpkgAy4QsU0y/:82ly5Wi7j6igoN2BcPQ1wmpehQf95

Entry address:

0x48A10C

Entry point:

55, 8B, EC, B9, 04, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, B8, 6C, 55, 87, 00, E8, 50, 50, B8, FF, 8B, 35, 94, C3, 8A, 00, 33, C0, 55, 68, 48, A3, 88, 00, 64, FF, 30, 64, 89, 20, A1, E8, BB, 8A, 00, C6, 00, 01, A1, 60, BA, 8A, 00, 8B, 00, 33, C9, BA, 64, A3, 88, 00, E8, 61, F3, E8, FF, 8B, D8, 8D, 55, EC, 8B, C3, E8, AD, 38, E4, FF, 8B, 45, EC, E8, F5, 9D, E4, FF, 8D, 55, E0, B8, 01, 00, 00, 00, E8, A8, CC, B7, FF, 8B, 45, E0, 8D, 55, E4, E8, 75, 8B, B9, FF, 8B, 45, E4, 8D, 55, E8, E8, 32, 87... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

4.5 MB (4,756,480 bytes)

Scan winja.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.