home

winamp5.0+keymaker_ngen.exe

The application winamp5.0+keymaker_ngen.exe has been detected as a potentially unwanted program by 16 anti-malware scanners.
MD5:
0565aec7b8671e7bd15dc16eb596c094

SHA-1:
8f51751ad73fcf9f00cf74df1c19686eb91d496f

SHA-256:
8890c3808631fe74f43a1f84281b5b3c1e6c45e357026cdb21be988e25690470

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 2:42:43 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Packed/FSG
7.1.1

AhnLab V3 Security
Worm/Win32.IRCBot
2014.11.03

AVG
IRC/BackDoor.SdBot4
2015.0.3279

Bkav FE
HW32.Packed
1.3.0.6185

Comodo Security
Application.Win32.Keygen.h
19972

F-Prot
W32/Sdbot.NSC
v6.4.7.1.166

K7 AntiVirus
Trojan
13.185.13866

Malwarebytes
Trojan.Downloader
v2014.11.26.09

nProtect
Trojan/W32.Agent.25849
14.10.31.01

Quick Heal
Win32.Backdoor.Haxdoor.2
11.14.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.1348C8F4!323537140
23.00.65.141124

Sophos
Mal/Packer
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-FSG
10214

Trend Micro House Call
PAK_Generic.002
7.2.330

Trend Micro
PAK_Generic.002
10.465.26

VIPRE Antivirus
Trojan.Win32.Generic
34454

File size:
25.2 KB (25,849 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\put back after scan\done\winamp\winamp5.5 + keygen and patch\winamp patch\winamp5.0+keymaker_ngen.exe

File PE Metadata
Compilation timestamp:
9/11/1987 2:35:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

CTPH (ssdeep):
768:wjPSCymTNEslumYsIXE+No1ITl86onchoap6k9:6SCyCNEsFYsIU+NoIl5Mu6U

Entry address:
0x154

Entry point:
4D, 5A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 45, 00, 00, 4C, 01, 02, 00, 46, 53, 47, 21, 00, 00, 00, 00, 00, 00, 00, 00, E0, 00, 0F, 01, 0B, 01, 00, 00, 00, 0C, 00, 00, 00, F2, 00, 00, 00, 00, 00, 00, 54, 01, 00, 00, 00, 10, 00, 00, 0C, 00, 00, 00, 00, 00, 40, 00, 00, 10, 00, 00, 00, 02, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, B0, 01, 00, 00, 02, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.6440

Code size:
3 KB (3,072 bytes)

Remove winamp5.0+keymaker_ngen.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.