» IniMod.exe
Overview
Analysis
File Details

IniMod.exe

d-fens IniMod

d-fens GmbH & Co. KG

The executable IniMod.exe has been detected as malware by 8 anti-virus scanners.

File name:

IniMod.exe

Publisher:

d-fens (signed by d-fens GmbH & Co. KG)

Product:

d-fens IniMod

Description:

IniMod

Version:

1, 0, 0, 2

MD5:

56ed3f27da19647425cc981155ce9957

SHA-1:

771d81fb71094c68f66103ce4e0c8be12bcb4377

SHA-256:

a13a52ef07654564513f675c378a8f866b04f9dd91cbc06a93c94ec77c841b95

Scanner detections:

8 / 68

Status:

Malware

Analysis date:

4/26/2024 2:11:40 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Mabezat [Wrm]

160503-1

AVG

Win32/Mabezat

2015.0.4604

Dr.Web

Win32.HLLW.Tazebama

9.0.1.05190

Emsisoft Anti-Malware

Win32.Worm.Mabezat.Gen

16.06.28

ESET NOD32

Win32/Mabezat.A virus

7.0.302.0

F-Prot

W32/Mabezat.A-2

4.6.5.141

Microsoft Security Essentials

Threat.Undefined

1.223.2791.0

VIPRE Antivirus

Threat.303962

50266

File size:

209.5 KB (214,511 bytes)

Product version:

1, 0, 0, 2

Original file name:

IniMod.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Windows\System32\inimod.exe

Digital Signature

Signed by:

d-fens GmbH & Co. KG

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

10/26/2007 2:00:00 AM

Valid to:

11/6/2008 12:59:59 AM

Subject:

CN=d-fens GmbH & Co. KG, OU=IT SERVICES, O=d-fens GmbH & Co. KG, L=Nuernberg, S=Bayern, C=DE

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

6DBB7802EBE32EA99256316AF0091150

File PE Metadata

Compilation timestamp:

11/8/2003 1:45:24 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

CTPH (ssdeep):

3072:zDx6xgQomn6N9jao1XUT2TtRCDU17ZFxjMHB/4eRsHz/g5tYREb5Fv:XrS6NEWTBdZFxjMhQhT4QKb5Fv

Entry address:

0x1F1C

Entry point:

BB, 17, E5, EF, 10, 93, E9, 20, 01, 00, 00, F3, 99, FC, F8, A4, 28, FC, F8, FC, 5E, 7C, 7C, 7C, FC, 7C, 7C, 05, 7C, 7C, 7C, DB, AD, B2, AD, AC, AD, B5, B3, B2, 7C, 7C, 7C, F0, DD, F6, E1, DE, DD, E9, DD, AA, E0, E8, E8, 7C, 7C, 7C, 7C, D8, 7C, 7C, 7C, C2, EE, E1, E1, C8, E5, DE, EE, DD, EE, F5, 7C, BF, EE, E1, DD, F0, E1, C0, E5, EE, E1, DF, F0, EB, EE, F5, BD, 7C, 7C, 7C, 7C, C3, E1, F0, D3, E5, EA, E0, EB, F3, EF, C0, E5, EE, E1, DF, F0, EB, EE, F5, BD, 7C, 7C, 7C, 7C, C3, E1, F0, C9, EB, E0, F1, E8, E1... 
[+]

Code size:

28 KB (28,672 bytes)

Remove IniMod.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.