home

clementine.exe

Clementine

Publisher:
Clementine

Product:
Clementine

Description:
Clementine music player

Version:
1.2.1

MD5:
0aba98a96bbdd0b36b05a2209959d564

SHA-1:
5b3f4c2071fface7667e13c42dd07d21de5e7c03

SHA-256:
506af96342bdabd94a2fc4421654d13cb84737057a64226148ad64a8db5acf0d

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/16/2024 7:42:22 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131222

File size:
15.2 MB (15,959,552 bytes)

Product version:
1.2.1

Copyright:
David Sansome

Original file name:
clementine.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\Program Files\clementine\clementine.exe

File PE Metadata
Compilation timestamp:
11/17/2013 11:32:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
196608:UejZOWTTqKT0FXLpaNu6IO/2USSmi/5YRf4/F8BFSaNgddykZbXFpV4Va:UUvGLQhYRf4/Qmb1pVQa

Entry address:
0x14D0

Entry point:
83, EC, 0C, C7, 05, C4, 0C, 2E, 01, 01, 00, 00, 00, E8, DE, 75, 5B, 00, 83, C4, 0C, E9, 96, FC, FF, FF, 8D, B6, 00, 00, 00, 00, 83, EC, 0C, C7, 05, C4, 0C, 2E, 01, 00, 00, 00, 00, E8, BE, 75, 5B, 00, 83, C4, 0C, E9, 76, FC, FF, FF, 90, 90, 90, 90, 90, 90, 55, 89, E5, 5D, C3, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, CC, C0, B3, 00, 85, C0, 74, 43, 55, 89, E5, 83, EC, 18, C7, 04, 24, 20, D0, B3, 00, FF, 15, 64, DA, 2E, 01, BA, 10, 15, 40, 00, 83, EC, 04, 85, C0, 74, 16, C7, 44, 24, 04, 2E, D0, B3, 00...
 
[+]

Entropy:
6.3668

Code size:
7.2 MB (7,574,016 bytes)

The file clementine.exe has been discovered within the following program.

Clementine  by Clementine
Publisher's description - “Clementine is a multiplatform music player. It is inspired by Amarok 1.4, focusing on a fast and easy-to-use interface for searching and playing your music.”
www.clementine-player.org
About 8% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to yv-in-f141.1e100.net  (74.125.21.141:443)

TCP (HTTP):
Connects to a23-15-7-152.deploy.static.akamaitechnologies.com  (23.15.7.152:80)

TCP (HTTP):
Connects to 208.43.117.65-static.reverse.softlayer.com  (208.43.117.65:80)

Scan clementine.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.