home

wimaia81.exe

Manutius.com MicroSetup for WinImage

Gilles Vollant

This is a setup and installation application. The file has been seen being downloaded from download.winimage.com.
Publisher:
WinImage  (signed by Gilles Vollant)

Product:
Manutius.com MicroSetup for WinImage

Description:
WinImage MicroSetup

Version:
1, 0, 0, 1

MD5:
bfc11792bf19624ac888aa02e7885d46

SHA-1:
ac6454056eb2a61f1201240444b15f31691d90c8

SHA-256:
8d6e8bb852d106ee2e2ef71d37f3a4cfd6879fefe9205ceb1bd4c523d7d2f64f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 2:43:23 PM UTC  (today)

File size:
1.3 MB (1,397,472 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2001 François Liger for WinImage

Original file name:
MicroSetup.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\wimaia81.exe

Digital Signature
Signed by:
Gilles Vollant

Authority:
GlobalSign nv-sa

Valid from:
4/16/2007 8:16:28 PM

Valid to:
4/16/2010 8:16:28 PM

Subject:
E=info@winimage.com, CN=Gilles Vollant, C=FR

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000111FB9C2CBD

File PE Metadata
Compilation timestamp:
7/29/2007 12:20:01 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:ij/YbFtarC0y512g/+Rxg3ofu2BaST4jk8RM9tLu0wHpMbFjBvWpu:AaFQrC0y512r3gYf1T4jkAWFwHpojBv3

Entry address:
0x1A030

Entry point:
A0, 84, 01, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00, 80, 8B, 00, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00, 80, 8A, 01, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00, AE, B4, E2, 45, C3, B1, D0, 11, B9, 2F, 00, A0, C9, 03, 12, E1, EE, 14, 02, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 01, 14, 02, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 0B, 01, 00, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, 00, 2D, 00, 40, 01, 00, 00, 00, 00, 00, 22, 40, 01, 00, 00, 00...
 
[+]

Code size:
95 KB (97,280 bytes)

The file wimaia81.exe has been seen being distributed by the following URL.

http://download.winimage.com/wimaia81.exe

Scan wimaia81.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.