home

aimp3.exe

AIMP3

Artem Izmaylov

Publisher:
AIMP DevTeam  (signed by Artem Izmaylov)

Product:
AIMP3

Version:
3.5.0.1277

MD5:
95eaef4a1438d40e5aba6e8a48642045

SHA-1:
3aa872346f9bf617d8592835efa799974aa2f5ec

SHA-256:
525714d3b3fb1846962228a32aa805bfb7030163f9b62134ab783a3963849a75

Scanner detections:
16 / 68

Status:
Clean  (16 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 1:15:56 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Worm.Mabezat.Gen
355

Avira AntiVirus
W32/Mabezat
7.11.30.172

avast!
Win32:Mabezat [Wrm]
2014.9-160214

AVG
Win32/Mabezat
2017.0.2833

Clam AntiVirus
W32.Mabezat-1
0.98/21324

Dr.Web
Win32.HLLW.Tazebama
9.0.1.045

Emsisoft Anti-Malware
Win32.Worm.Mabezat.Gen
8.16.02.14.02

ESET NOD32
Win32/Mabezat.A virus
10.7.0.302.0

F-Prot
W32/Mabezat.A-1
v6.4.6.5.141

F-Secure
Win32.Worm.Mabezat.Gen
11.2016-14-02_1

Kaspersky
Worm.Win32.Mabezat
14.0.0.662

McAfee
Virus.W32/Mabezat.a
5600.6489

Microsoft Security Essentials
Threat.Undefined
1.213.4955.0

Norman
Win32.Worm.Mabezat.Gen
11.20160214

Sophos
Virus 'W32/Mabezat-B'
5.22

VIPRE Antivirus
Threat.303962
46444

File size:
1.6 MB (1,646,536 bytes)

Copyright:
Artem Izmaylov

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\Program Files\aimp3\aimp3.exe

Digital Signature
Signed by:
Artem Izmaylov

Authority:
StartCom Ltd.

Valid from:
11/6/2012 9:28:30 AM

Valid to:
11/7/2014 3:36:54 PM

Subject:
E=artem@aimp.ru, CN=Artem Izmaylov, L=Tula, S=Tula Oblast, C=RU, Description=N0TtN9z9A3cgEBOy

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
07ED

File PE Metadata
Compilation timestamp:
6/19/2013 9:19:41 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:oz9zd+HkB5YLuVzWtXI/AKzWKkW9hZf/bbYhZWwLe5pz:EMmfixI4KzWU9/bbYPhKZ

Entry address:
0x95B58

Entry point:
55, 8B, EC, 83, C4, F0, B8, F8, 29, 49, 00, E8, B8, B8, F6, FF, E8, 63, CD, FF, FF, 84, C0, 75, 2A, E8, 9A, B4, F6, FF, A1, D4, E9, 49, 00, E8, C4, E7, F6, FF, E8, EB, CD, FF, FF, A1, C0, DA, 49, 00, 8B, 00, E8, A3, CF, F6, FF, A1, D4, E9, 49, 00, E8, A1, E7, F6, FF, E8, E0, B5, F6, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8366

Developed / compiled with:
Microsoft Visual C++

Code size:
592.5 KB (606,720 bytes)

Autoplay Handler
Display name:
AIMP.EventCDA


Scan aimp3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.