home

aimp3.exe

AIMP3

Artem Izmaylov

Publisher:
AIMP DevTeam  (signed by Artem Izmaylov)

Product:
AIMP3

Version:
3.5.5.1324

MD5:
899ceca8ce8706dbf53fe59dc6b2aa0d

SHA-1:
4c0161b1812e73d933128c76a4f8468e771021d5

SHA-256:
b3d70d5e433f12846241559b94ee3d6bc9571a4002526147e1dcbdf0a1ce0de8

Scanner detections:
16 / 68

Status:
Clean  (16 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/27/2024 2:43:39 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Worm.Mabezat.Gen
356

Avira AntiVirus
W32/Mabezat
7.11.30.172

avast!
Win32:Mabezat [Wrm]
2014.9-160213

AVG
Win32/Mabezat
2017.0.2834

Clam AntiVirus
W32.Mabezat-1
0.98/21324

Dr.Web
Win32.HLLW.Tazebama
9.0.1.044

Emsisoft Anti-Malware
Win32.Worm.Mabezat.Gen
8.16.02.13.08

ESET NOD32
Win32/Mabezat.A virus
10.7.0.302.0

F-Prot
W32/Mabezat.A-1
v6.4.6.5.141

F-Secure
Win32.Worm.Mabezat.Gen
11.2016-13-02_7

Kaspersky
Worm.Win32.Mabezat
14.0.0.666

McAfee
Virus.W32/Mabezat.a
5600.6490

Microsoft Security Essentials
Threat.Undefined
1.213.4955.0

Norman
Win32.Worm.Mabezat.Gen
11.20160213

Sophos
Virus 'W32/Mabezat-B'
5.22

VIPRE Antivirus
Threat.303962
46444

File size:
1.6 MB (1,700,808 bytes)

Copyright:
Artem Izmaylov

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\aimp3\aimp3.exe

Digital Signature
Signed by:
Artem Izmaylov

Authority:
StartCom Ltd.

Valid from:
11/6/2012 8:28:30 PM

Valid to:
11/8/2014 2:36:54 AM

Subject:
E=artem@aimp.ru, CN=Artem Izmaylov, L=Tula, S=Tula Oblast, C=RU, Description=N0TtN9z9A3cgEBOy

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
07ED

File PE Metadata
Compilation timestamp:
11/15/2013 6:42:36 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:L32h5podtWnvSWzBrzuW5j2jucf1HzKpMaQSMY14h4vXRtUDflDsbXjkSOW3GM20:Ch4SryW5j2nSWKkiejDqlL

Entry address:
0xA0B9C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 90, D3, 49, 00, E8, 7C, 08, F6, FF, E8, B7, C6, FF, FF, 84, C0, 75, 20, E8, 56, 04, F6, FF, A1, 94, 9B, 4A, 00, E8, F0, 37, F6, FF, E8, 3F, C7, FF, FF, A1, 34, 8C, 4A, 00, 8B, 00, E8, 77, 1F, F6, FF, E8, A6, 05, F6, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8191

Developed / compiled with:
Microsoft Visual C++

Code size:
636 KB (651,264 bytes)

Autoplay Handler
Display name:
AIMP.EventCDA


Scan aimp3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.