wiretap_get_children.exe

The executable wiretap_get_children.exe has been detected as malware by 10 anti-virus scanners.
MD5:
6b9dd2df177089cf17a97fb4d6e6c981

SHA-1:
34207ced2c756e6f9ee86851cdc758d03f27020d

SHA-256:
e59467a23890121f55cd2ad5070fc2a1569fde2ae7537a40a5edc4ffeb384c5c

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/18/2024 8:02:53 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Expiro-DF | 160209-2 |
| AVG | Win32/Expiro | 2015.0.4530 |
| Dr.Web | Win64.Expiro.108 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win64.Expiro.Gen | 10.0.0.5366 |
| ESET NOD32 | Win64/Expiro.AC virus | 7.0.302.0 |
| McAfee | Virus.W64/Expiro.a | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.6208.0 |
| Norman | Win64.Expiro.Gen.3 | 03.12.2014 13:20:04 |
| Sophos | Virus 'W64/Expiro-S' | 5.23 |
| VIPRE Antivirus | Threat.4792728 | 47028 |

File size:
917 KB (939,008 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\autodesk\composite2014\wiretap\bin\wiretap_get_children.exe

File PE Metadata
Compilation timestamp:
2/23/2009 10:00:00 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
12288:p2VNWTauBIWTCj7GcYlLsG62Y7lqLQaj+F2a6YolQSc81FdfHCl0xDYmqSOKfdaf:pGvSIWOj7GcYlLshJqLQwaDUVWdKfB

Entry address:
0x2E890

Entry point:
90, 55, 48, 89, E5, 56, 48, FF, CE, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 81, EC, D0, 00, 00, 00, 48, C7, 85, 70, FF, FF, FF, 00, 00, 00, 00, 48, C7, 45, A8, 0E, 00, 00, 00, 4C, 8B, 55, A8, 49, 83, EA, 0E, 4C, 89, 55, A0, 48, C7, 45, 98, 09, 00, 00, 00, 45, 31, F6, 4C, 8B, 55, A0, 4D, 89, D5, 49, 83, ED, 00, 49, BA, E2, 53, 00, 00, 00, 00, 00, 00, 4C, 89, 95, 40, FF, FF, FF, BE, A3, FB, 1F, 58, 4C, 8B, 95, 40, FF, FF, FF, 49, B9, 62, C3, 00, 00, 00, 00, 00, 00, 4D, 89, D6, 4D, 0F, AF, F1, 41, BD, 0C, 2E...
 
Entropy:
7.2172

Code size:
185 KB (189,440 bytes)
