mywindyapp.exe

Microsoft Windows Operating System

Although the file properties name 'Microsoft Corporation' as the developer, this is not the case: the file is designed to look like a legitimate Microsoft system file. The executable mywindyapp.exe has been detected as malware by 8 anti-virus scanners.

Publisher:
Microsoft Corporation*  (Invalid match)

Product:
Microsoft® Windows® Operating System

Version:
6.1.9

MD5:
9eeb31c9830650bc291d1ebe0752d84c

SHA-1:
a636752279280fe5c3e894b7b53a2c638be2e036

SHA-256:
538d62c55a5e6b0874e6ec9cccc530bb5af7140adaa0685cf4bc2fb0902abac2

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
4/24/2024 9:43:31 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.14228 |
| Comodo Security | UnclassifiedMalware | 17669 |
| Kaspersky | Trojan.Win32.Agent | 14.0.0.4244 |
| McAfee | Artemis!9EEB31C98306 | 5600.7206 |
| Panda Antivirus | Suspicious file | 14.02.28.06 |
| Qihoo 360 Security | Win32/Trojan.d09 | 1.0.0.1015 |
| Rising Antivirus | PE:Malware.FakeFolder@CV!1.6ABB | 23.00.65.14226 |
| Trend Micro House Call | TROJ_GEN.R0C9H07AK14 | 7.2.59 |

File size:
654.5 KB (670,208 bytes)

Product version:
6.1.9

Copyright:
© Microsoft Corporation. All rights reserved.

Trademarks:
© Microsoft Corporation. All rights reserved.

Original file name:
NewServerP.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\mywindyapp.exe

File PE Metadata
Compilation timestamp:
1/10/2014 5:26:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:syPC6xLLKTejT6fNtWItHasnNZCm8s9Nqm30rjMeiPwr+7h1swmmRDgT:X/KTdNt5t6sNZ6s9N9k3M/

Entry address:
0x7D49A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
7.1858

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
493.5 KB (505,344 bytes)