home

wiretap_get_metadata.exe

The executable wiretap_get_metadata.exe has been detected as malware by 9 anti-virus scanners.
MD5:
5fb9b09793db608b4b419749124f5c2e

SHA-1:
4dafc4549eaa36a2dd5ffb4b354c3eeb80afae30

SHA-256:
7ceb90ed1309d4d18d4f8723b72c73459138dccbce0a39e379294ad34488664b

Scanner detections:
9 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/25/2024 6:47:08 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Expiro-DF
160209-2

AVG
Win32/Expiro
2015.0.4522

Dr.Web
Win64.Expiro.108
9.0.1.05190

Emsisoft Anti-Malware
Win64.Expiro.Gen
10.0.0.5366

ESET NOD32
Win64/Expiro.AC virus
7.0.302.0

McAfee
Virus.W64/Expiro.a
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.6208.0

Norman
Win64.Expiro.Gen.3
03.12.2014 13:20:04

Sophos
Virus 'W64/Expiro-S'
5.23

File size:
916.5 KB (938,496 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\autodesk\composite2014\wiretap\bin\wiretap_get_metadata.exe

File PE Metadata
Compilation timestamp:
2/23/2009 9:58:08 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
12288:iqOpfGQrz2+N2+HuPUWhM5taeGCKcHoyxbLzjhKBYdKBq5EhbE4YZABzr31EGGsr:6Zz2+N2+OPUcyxbLhPdvEhNYZ4z1EF

Entry address:
0x2E730

Entry point:
90, 55, 48, 89, E5, 56, 48, FF, CE, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 81, EC, D0, 00, 00, 00, 48, C7, 85, 70, FF, FF, FF, 00, 00, 00, 00, 48, C7, 45, A8, 0E, 00, 00, 00, 4C, 8B, 55, A8, 49, 83, EA, 0E, 4C, 89, 55, A0, 48, C7, 45, 98, 09, 00, 00, 00, 45, 31, F6, 4C, 8B, 55, A0, 4D, 89, D5, 49, 83, ED, 00, 49, BA, A5, 52, 00, 00, 00, 00, 00, 00, 4C, 89, 95, 40, FF, FF, FF, BE, CE, 05, 4A, B9, 4C, 8B, 95, 40, FF, FF, FF, 49, B9, 50, C6, 00, 00, 00, 00, 00, 00, 4D, 89, D6, 4D, 0F, AF, F1, 41, BD, 10, 0F...
 
[+]

Entropy:
7.2167

Code size:
184.5 KB (188,928 bytes)

Remove wiretap_get_metadata.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.