win-down.exe

Spotflux, Inc

The executable win-down.exe has been detected as malware by 38 anti-virus scanners.
Publisher:
Spotflux, Inc  (signed and verified)

MD5:
12bff11a0c86ab2ab48a12dcb93be085

SHA-1:
63a0bbb3ba82625ea1342209a6feefe6bf090ab8

SHA-256:
0d7a58a078cbabe48fec93356105ee2ea029f61a4996458082c7980786f63174

Scanner detections:
38 / 68

Status:
Malware

Analysis date:
4/19/2024 11:12:49 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Win32.Parite.B | 6732101 |
| Agnitum Outpost | Win32.Parite.B | 7.1.1 |
| AhnLab V3 Security | Win32/Parite | 2015.03.10 |
| Avira AntiVirus | W32/Parite | 7.11.215.110 |
| avast! | Win32:Parite | 150303-0 |
| AVG | Win32/Parite | 2014.0.4257 |
| Baidu Antivirus | Virus.Win32.Parite.$b | 4.0.3.1539 |
| Bitdefender | Win32.Parite.B | 1.0.20.340 |
| Bkav FE | W32.Pinfi.B | 1.3.0.6379 |
| Clam AntiVirus | Heuristics.W32.Parite.B | 0.98/20167 |
| Comodo Security | Virus.Win32.Parite.gen | 21349 |
| Dr.Web | Win32.Parite.2 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Parite | 9.0.0.4799 |
| ESET NOD32 | Win32/Parite.B virus | 7.0.302.0 |
| Fortinet FortiGate | W32/Parite.B | 3/9/2015 |
| F-Prot | W32/Parite.B | 4.6.5.141 |
| F-Secure | Win32.Parite.B | 5.13.68 |
| G Data | Win32.Parite | 15.3.25 |
| IKARUS anti.virus | Virus.Parite | t3scan.1.8.6.0 |
| K7 AntiVirus | Virus | 13.200.15206 |
| Kaspersky | Virus.Win32.Parite | 15.0.0.543 |
| McAfee | Virus.W32/Pate.b | 16.8.708.2 |
| Microsoft Security Essentials | Threat.Undefined | 1.193.2080.0 |
| MicroWorld eScan | Win32.Parite.B | 16.0.0.204 |
| NANO AntiVirus | Virus.Win32.Parite.bgvo | 0.30.0.296 |
| Norman | Win32.Parite.B | 03.12.2014 13:20:04 |
| nProtect | Virus/W32.Parite.C | 15.03.09.01 |
| Panda Antivirus | W32/Parite.B | 15.03.09.12 |
| Quick Heal | W32.Perite.A | 3.15.14.00 |
| Rising Antivirus | PE:Win32.Parite.b!16043 | 23.00.65.15307 |
| Sophos | Virus 'W32/Parite-B' | 5.11 |
| Total Defense | Win32/Pinfi.A | 37.0.11486 |
| Trend Micro House Call | PE_PARITE.A | 7.2.68 |
| Trend Micro | PE_PARITE.A | 10.465.09 |
| Vba32 AntiVirus | Virus.Win32.Parite.b | 3.12.26.3 |
| VIPRE Antivirus | Threat.46249 | 38050 |
| ViRobot | Win32.Parite.A[h] | 2014.3.20.0 |
| Zillya! Antivirus | Virus.Parite.Win32.9 | 2.0.0.2091 |

File size:
240.5 KB (246,232 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\spotflux\lib\win-down.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/14/2013 8:00:00 AM

Valid to:
3/17/2015 7:59:59 AM

Subject:
CN="Spotflux, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Spotflux, Inc", L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
787B156DBE2C603B1C32E7122CF5A030

File PE Metadata
Compilation timestamp:
12/3/2013 1:15:28 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.23

CTPH (ssdeep):
6144:E3CRu6rT7NW1li/z/p9BFKGeWxL4i8rkKjsbnDs:l8Ur/p9BFKGNxL/8zYk

Entry address:
0xE000

Entry point:
90, 68, 98, 98, 10, 00, 58, 90, 68, 1E, E0, 40, 00, 5A, 68, 98, 05, 00, 00, 5F, 90, 31, 04, 3A, 83, EF, 04, 90, 90, 75, F6, 90, 90, 90, 70, E5, 11, 00, 98, 98, 10, 00, 98, 98, 50, 00, 18, 8A, 10, 00, D8, 92, 11, 00, 40, 89, 11, 00, 98, 28, 12, 00, 67, 67, EF, FF, 94, 2A, 50, 00, 84, 2C, 50, 00, B2, 2C, 50, 00, 20, F4, 10, 00, 82, 2C, 10, 00, B0, 2C, 10, 00, 94, F6, 10, 00, 82, 2C, 10, 00, B0, 2C, 10, 00, 98, 98, 10, 00, 98, 98, 10, 00, 98, 98, 10, 00, 98, 98, 10, 00, 88, 2A, 50, 00, 98, 98, 10, 00, 98, 98...
 

Code size:
17.5 KB (17,920 bytes)

Remove win-down.exe - Powered by Reason Core Security