home

winstall.exe

WinINSTALL

Scalable Software Inc

Publisher:
Scalable Software, Inc.  (signed by Scalable Software Inc)

Product:
WinINSTALL

Description:
WinINSTALL Interactive Installer Launcher

Version:
10.1000.81.53

MD5:
0aabac81c5ac9d9b0620e216cc5e565c

SHA-1:
ea73a9a018dd816563d65fa9667b55346f7991e3

SHA-256:
5c221f73a725f7f90fd1d351a10724b0d153d37445003b6aeeb66d9c8ec937a3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 4:19:31 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan.Win32.Powp
t3scan.1.9.5.0

File size:
73.8 KB (75,560 bytes)

Product version:
10.10.0040

Copyright:
Copyright © 1991-2014 Scalable Software, Inc., All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\bin\winstall.exe

Digital Signature
Signed by:
Scalable Software Inc

Authority:
GlobalSign nv-sa

Valid from:
5/14/2012 1:14:45 PM

Valid to:
5/15/2015 1:14:45 PM

Subject:
CN=Scalable Software Inc, OU=Development, O=Scalable Software Inc, L=Austin, S=Texas, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121EF2077C8FDE08CF30D4946F1D4F583E1

File PE Metadata
Compilation timestamp:
1/2/2014 3:14:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
768:ePDK866279z1le8b8ZtZqv2oDYs+zpIhxkDlRwxDZsx6VTY0Q1cCvdFkV7GFIjTz:evEF8Z3loO0kDr0DZCsTYTcCFFRIjYXA

Entry address:
0x245F

Entry point:
E8, 92, 1C, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, F8, D1, 40, 00, 89, 0D, F4, D1, 40, 00, 89, 15, F0, D1, 40, 00, 89, 1D, EC, D1, 40, 00, 89, 35, E8, D1, 40, 00, 89, 3D, E4, D1, 40, 00, 66, 8C, 15, 10, D2, 40, 00, 66, 8C, 0D, 04, D2, 40, 00, 66, 8C, 1D, E0, D1, 40, 00, 66, 8C, 05, DC, D1, 40, 00, 66, 8C, 25, D8, D1, 40, 00, 66, 8C, 2D, D4, D1, 40, 00, 9C, 8F, 05, 08, D2, 40, 00, 8B, 45, 00, A3, FC, D1, 40, 00, 8B, 45, 04, A3, 00, D2, 40, 00, 8D, 45, 08, A3, 0C, D2, 40, 00, 8B...
 
[+]

Entropy:
5.9674

Code size:
32 KB (32,768 bytes)

Scan winstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.