home

_winstall.exe

Gleim Internet, Inc

This is installed with Gleim CIA Test Prep 14th Edition WebDeploy.
Publisher:
Gleim Internet, Inc  (signed and verified)

MD5:
add54d031f47175a3fbbb041bc5e25f4

SHA-1:
6afe7a0d740e0d0a12cc98eb3dbeb23f8ffea38a

SHA-256:
30d4d963b5bb46e86b34c77ee3b36012b3e55417e45b675b42649cf326fc404c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 8:41:55 AM UTC  (today)

File size:
854.5 KB (874,976 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\_winstall.exe

Digital Signature
Signed by:
Gleim Internet, Inc

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/31/2009 5:00:00 PM

Valid to:
8/27/2010 4:59:59 PM

Subject:
CN="Gleim Internet, Inc", OU=WWW, O="Gleim Internet, Inc", L=Gainesville, S=Florida, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
138C6B1CEA71EBA363F25979E2DB9AAE

File PE Metadata
Compilation timestamp:
11/6/2009 12:34:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:SHcfIeCrgtt1SOigH3CB9B+reTJEevqUtYy8izho1zVg9TZyDg7e:NAeTSOigXCB7+CNvjqqp7e

Entry address:
0x9B8C4

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 28, A8, 49, 00, E8, BB, C3, F6, FF, 33, C0, 55, 68, 60, BA, 49, 00, 64, FF, 30, 64, 89, 20, 68, 6C, BA, 49, 00, E8, 0F, C7, F6, FF, 66, A3, 40, 56, 4A, 00, 66, 83, 3D, 40, 56, 4A, 00, 00, 74, 6C, 6A, 00, 68, 7C, BA, 49, 00, E8, B3, CB, F6, FF, A3, 44, 56, 4A, 00, 83, 3D, 44, 56, 4A, 00, 00, 75, 11, 6A, 00, 68, 90, BA, 49, 00, E8, 99, CB, F6, FF, A3, 44, 56, 4A, 00, 83, 3D, 44, 56, 4A, 00, 00, 74, 38, 6A, 00, 68, A0, BA, 49, 00, E8, 7F, CB, F6, FF, 85, C0, 74...
 
[+]

Entropy:
6.6986

Developed / compiled with:
Microsoft Visual C++

Code size:
618 KB (632,832 bytes)

The file _winstall.exe has been discovered within the following program.

Gleim CIA Test Prep 14th Edition WebDeploy  by Gleim Publications, Inc.
www.gleim.com
About 9% of users remove it
 
Powered by Should I Remove It?

Scan _winstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.