home

winamp_http_server.exe

The executable winamp_http_server.exe has been detected as malware by 4 anti-virus scanners.
MD5:
5b9879f468f06468d2c97d2c364dcaf6

SHA-1:
b5e5fc066de327d9375542cf5f75f9cdd2f8335b

SHA-256:
69aef08645023a54acc217ffce755247ff7d8f93bdb019444b23cab6e93667a9

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
4/23/2024 5:49:37 AM UTC  (today)

Scan engine
Detection
Engine version

McAfee
Artemis!5B9879F468F0
5600.6960

Reason Heuristics
Threat.Win.Reputation.IMP
14.10.31.21

Rising Antivirus
PE:Trojan.Agent!6.96D
23.00.65.141029

Total Defense
Win32/Tnega.dIYSTC
37.0.11257

File size:
109.6 KB (112,271 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\applications\winamp_http_server.exe

File PE Metadata
Compilation timestamp:
1/5/2000 5:34:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:f+fhIuXjzq6f57SPjp6qB3dqu7LhGCcbYp6DyVpLUB5:fQIuzzq6ftSNHB3gGhBcUYYK5

Entry address:
0x3669

Entry point:
55, 8B, EC, 81, EC, 18, 03, 00, 00, 56, 57, 6A, 06, BE, 0C, 75, 40, 00, 59, 8D, BD, F0, FE, FF, FF, F3, A5, 6A, 3B, 33, C0, 59, 8D, BD, 08, FF, FF, FF, F3, AB, 8D, 85, E8, FC, FF, FF, 68, 04, 01, 00, 00, 33, F6, 50, 56, FF, 15, 54, 50, 40, 00, 50, FF, 15, 24, 50, 40, 00, 8D, 85, E8, FC, FF, FF, 68, 00, 90, 00, 00, 50, E8, 87, F9, FF, FF, 59, 85, C0, 59, 74, 18, 6A, 30, 68, 24, 75, 40, 00, 68, 34, 75, 40, 00, 56, FF, 15, A4, 50, 40, 00, E9, C4, 01, 00, 00, 80, 3D, 60, 78, 40, 00, 00, 74, 18, 8D, 85, F0, FE...
 
[+]

Entropy:
7.2046

Developed / compiled with:
Microsoft Visual C++

Code size:
16 KB (16,384 bytes)

Remove winamp_http_server.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.