home

winja.exe

PHROZEN SOFTWARE (PHROZEN SAS)

It runs as a scheduled task under the Windows Task Scheduler named PhrozenWinja triggered to execute each time a user logs in.
Publisher:
Phrozen SAS  (signed by PHROZEN SOFTWARE (PHROZEN SAS))

Description:
Winja - Catch the presence of Malware in your system.

Version:
3.0.0.0

MD5:
353af0c64b15c0b80db6a35da31742af

SHA-1:
75ce4649e5ca489598c2fa44afaccba8e43023a3

SHA-256:
53d4a1e401d04220c30d30b262ed0f3d39ff10d3b4d7f413e9dfe8a617a683e8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 5:25:11 AM UTC  (today)

File size:
16.5 MB (17,271,088 bytes)

Product version:
3.0.0.0

Copyright:
(c) 2016

Trademarks:
Phrozen Software™

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\phrozenwinja\winja.exe

Digital Signature
Signed by:
PHROZEN SOFTWARE (PHROZEN SAS)

Authority:
COMODO CA Limited

Valid from:
11/18/2015 1:00:00 AM

Valid to:
11/18/2017 12:59:59 AM

Subject:
CN=PHROZEN SOFTWARE (PHROZEN SAS), O=PHROZEN SOFTWARE (PHROZEN SAS), STREET=12B rue de la Muette, L=Maisons Laffitte, S=Yvelines, PostalCode=78600, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DC9768E6091113E137EAF897D0436221

File PE Metadata
Compilation timestamp:
1/26/2017 1:49:47 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x71BBA0

Entry point:
55, 48, 83, EC, 50, 48, 8B, EC, 48, C7, 45, 28, 00, 00, 00, 00, 48, C7, 45, 40, 00, 00, 00, 00, 48, C7, 45, 38, 00, 00, 00, 00, 48, C7, 45, 30, 00, 00, 00, 00, 48, C7, 45, 48, 00, 00, 00, 00, 90, 48, 8D, 0D, 30, D9, FD, FF, E8, 63, DA, 8F, FF, 90, 48, 8B, 05, 8B, FF, 09, 00, C6, 00, 01, 48, 8B, 05, 59, FC, 09, 00, 48, 8B, 08, 48, 8D, 15, D3, 02, 00, 00, 4D, 33, C0, E8, 7F, 15, DF, FF, 66, 89, 05, 48, 07, 13, 00, 48, 8D, 4D, 48, 48, 0F, B7, 15, 3C, 07, 13, 00, E8, 97, EB, D7, FF, 48, 8B, 4D, 48, E8, 8E, 89...
 
[+]

Code size:
7.1 MB (7,450,624 bytes)

Scheduled Task
Task name:
PhrozenWinja

Trigger:
Logon (Runs on logon)

Description:
Winja Program Startup by Phrozen Software


Scan winja.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.