home

WinPlayer.exe

WinPlayer

Manoj-PC\Manoj

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Microsoft’.
Publisher:
secureway.us  (signed by Manoj-PC\Manoj)

Product:
WinPlayer

Version:
1.0.0.0

MD5:
5137b296a0567351d557d9d8937a5336

SHA-1:
a1be6851813d1b2996562160443a917e0ef5c009

SHA-256:
27ae82bbf2d3b626c145446327d58c51769944c8d3e16e6f914ef068df8d0a62

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 10:40:14 PM UTC  (today)

File size:
242.9 KB (248,752 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Trademarks:
Winmedia

Original file name:
WinPlayer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\winmedia\winplayer\winplayer.exe

Digital Signature
Signed by:
Manoj-PC\Manoj

Authority:
Manoj-PC\Manoj

Valid from:
6/26/2016 12:34:34 PM

Valid to:
6/26/2017 6:34:34 PM

Subject:
CN=Manoj-PC\Manoj

Issuer:
CN=Manoj-PC\Manoj

Serial number:
5FAFA68A7AB19DBE4FE2B4B88CFCEBD6

File PE Metadata
Compilation timestamp:
7/5/2016 5:46:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:IJEJWXaDXaTvM00V/yuDdaH04bJuZB0jVdWlnkaXa8+Do:uqDqrp0V6idauz0RdWlkaq8+k

Entry address:
0x2DECE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
3.7740

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
176 KB (180,224 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Microsoft

Command:
C:\users\{user}\appdata\roaming\microsoft\windows\winplayer\winplayer.exe


Scan WinPlayer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.