» wintoflash.exe
Overview
Analysis
File Details
Downloads (2)

wintoflash.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from gerenciador.baixaki.com.br and multiple other hosts.

File name:

wintoflash.exe

MD5:

4c558ec6f2b9b53b8d0c7c494498bc9e

SHA-1:

1d1b3feab58c81d691301f7785d3778a4e16b905

SHA-256:

8efd5047d854c02326bd865c828b2ab77664cb10ab50d71403f9037a8c45f377

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/19/2024 10:17:03 AM UTC (today)

Scan engine

Detection

Engine version

Vba32 AntiVirus

AdWare.Win64.Agent

3.12.26.3

File size:

32.5 MB (34,082,966 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\wintoflash.exe

File PE Metadata

Compilation timestamp:

5/5/2059 1:41:57 AM

OS version:

13247.44964

OS bitness:

Win64

Linker version:

226.209

CTPH (ssdeep):

786432:1YC3qe231kpnzcj2qlGJk6eeoxSSf28jY6oKlPwaXpx5VjYXidn:lqVY/ob06TVX5x3YXih

Entry address:

0x1D0BA520

The file wintoflash.exe has been seen being distributed by the following 2 URLs.

http://gerenciador.baixaki.com.br/nocache/programas/urls/iron/.../wintoflash-42-32-4102922.exe

http://fast.findmysoft.com/dl/.../wintoflash_0.8.0009-Beta_setup.exe

Scan wintoflash.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.