win-prepare.exe

Spotflux, Inc

The executable win-prepare.exe has been detected as malware by 38 anti-virus scanners.
Publisher:
Spotflux, Inc  (signed and verified)

MD5:
bf765b4edd9441ba023caa51a8e1ad95

SHA-1:
4144a6907aa22db1dd1da1678a5774582efa9ac4

SHA-256:
503658da36c06629143c42e4dbe37b61f413dbab2f43efe9dd7cd60c09dd2365

Scanner detections:
38 / 68

Status:
Malware

Analysis date:
4/25/2024 4:52:54 PM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Parite.B
6732101

Agnitum Outpost
Win32.Parite.B
7.1.1

AhnLab V3 Security
Win32/Parite
2015.03.10

Avira AntiVirus
W32/Parite
7.11.215.110

avast!
Win32:Parite
150303-0

AVG
Win32/Parite
2014.0.4257

Baidu Antivirus
Virus.Win32.Parite.$b
4.0.3.1539

Bitdefender
Win32.Parite.B
1.0.20.340

Bkav FE
W32.Pinfi.B
1.3.0.6379

Clam AntiVirus
Heuristics.W32.Parite.B
0.98/20167

Comodo Security
Virus.Win32.Parite.gen
21349

Dr.Web
Win32.Parite.2
9.0.1.05190

Emsisoft Anti-Malware
Win32.Parite
9.0.0.4799

ESET NOD32
Win32/Parite.B virus
7.0.302.0

Fortinet FortiGate
W32/Parite.B
3/9/2015

F-Prot
W32/Parite.B
4.6.5.141

F-Secure
Win32.Parite.B
5.13.68

G Data
Win32.Parite
15.3.25

IKARUS anti.virus
Virus.Parite
t3scan.1.8.6.0

K7 AntiVirus
Virus
13.200.15206

Kaspersky
Virus.Win32.Parite
15.0.0.543

McAfee
Virus.W32/Pate.b
16.8.708.2

Microsoft Security Essentials
Threat.Undefined
1.193.2090.0

MicroWorld eScan
Win32.Parite.B
16.0.0.204

NANO AntiVirus
Virus.Win32.Parite.bgvo
0.30.0.296

Norman
Win32.Parite.B
03.12.2014 13:20:04

nProtect
Virus/W32.Parite.C
15.03.09.01

Panda Antivirus
W32/Parite.B
15.03.09.12

Quick Heal
W32.Perite.A
3.15.14.00

Rising Antivirus
PE:Win32.Parite.b!16043
23.00.65.15307

Sophos
Virus 'W32/Parite-B'
5.11

Total Defense
Win32/Pinfi.A
37.0.11486

Trend Micro House Call
PE_PARITE.A
7.2.68

Trend Micro
PE_PARITE.A
10.465.09

Vba32 AntiVirus
Virus.Win32.Parite.b
3.12.26.3

VIPRE Antivirus
Threat.46249
37788

ViRobot
Win32.Parite.A[h]
2014.3.20.0

Zillya! Antivirus
Virus.Parite.Win32.9
2.0.0.2091

File size:
238.5 KB (244,194 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\spotflux\lib\win-prepare.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/14/2013 8:00:00 AM

Valid to:
3/17/2015 7:59:59 AM

Subject:
CN="Spotflux, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Spotflux, Inc", L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
787B156DBE2C603B1C32E7122CF5A030

File PE Metadata
Compilation timestamp:
12/3/2013 1:15:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.23

CTPH (ssdeep):
6144:gj7qZNxZktA6KesDMLEozvTnOGd/V2oDq1i:itRKWxziG9V2o21i

Entry address:
0xE000

Entry point:
90, 90, B9, A8, 98, 10, 00, 90, 90, 68, 28, E0, 40, 00, 5F, 90, 90, BE, 98, 05, 00, 00, 90, 90, FF, 34, 3E, 31, 0C, 24, 8F, 04, 3E, 90, 90, 83, EE, 03, 4E, 90, 75, EE, 90, 90, 40, E5, 11, 00, A8, 98, 10, 00, A8, 98, 50, 00, 28, 8A, 10, 00, 98, 9A, 11, 00, 4A, 91, 11, 00, A8, 28, 12, 00, 57, 67, EF, FF, A8, 2A, 50, 00, AC, 2C, 50, 00, BA, 2C, 50, 00, 10, F0, 10, 00, AA, 2C, 10, 00, B8, 2C, 10, 00, A8, F2, 10, 00, AA, 2C, 10, 00, B8, 2C, 10, 00, A8, 98, 10, 00, A8, 98, 10, 00, A8, 98, 10, 00, A8, 98, 10, 00...
 

Code size:
17 KB (17,408 bytes)
