» wiretap_read_stream.exe
Overview
Analysis
File Details

wiretap_read_stream.exe

The executable wiretap_read_stream.exe has been detected as malware by 10 anti-virus scanners.

File name:

MD5:

5959ec4b7289bcd07a03e7768db3b317

SHA-1:

5effac79e72af8a08d806598f5d85c7594274002

SHA-256:

eee87a2eb19538ed11062d6efc45ec3fc1234d30896dbd3ac51a5d368361e5fb

Scanner detections:

10 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

5/4/2024 11:16:42 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

avast!

Win32:Expiro-DF

160209-2

AVG

Win32/Expiro

2015.0.4530

Dr.Web

Win64.Expiro.108

9.0.1.05190

Emsisoft Anti-Malware

Win64.Expiro.Gen

10.0.0.5366

ESET NOD32

Win64/Expiro.AC virus

7.0.302.0

F-Secure

Win64.Expiro.Gen.3

5.15.21

McAfee

Virus.W64/Expiro.a

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.213.6208.0

Norman

Win64.Expiro.Gen.3

08.02.2016 04:24:12

Sophos

Virus 'W64/Expiro-S'

5.23

File size:

922 KB (944,128 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\Program Files\autodesk\composite2014\wiretap\bin\wiretap_read_stream.exe

File PE Metadata

Compilation timestamp:

2/23/2009 9:55:44 PM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

24576:uPFtirAiNcT4kQKQJLWl47Y0NmWysP6S42ceKg:udtirwT4kQKQlW+Y6c

Entry address:

0x2F440

Entry point:

90, 55, 48, 89, E5, 56, 48, FF, CE, 57, 41, 54, 41, 55, 41, 56, 41, 57, 48, 81, EC, D0, 00, 00, 00, 48, C7, 85, 70, FF, FF, FF, 00, 00, 00, 00, 48, C7, 45, A8, 0E, 00, 00, 00, 4C, 8B, 55, A8, 49, 83, EA, 0E, 4C, 89, 55, A0, 48, C7, 45, 98, 09, 00, 00, 00, 45, 31, F6, 4C, 8B, 55, A0, 4D, 89, D5, 49, 83, ED, 00, 49, BA, 53, 49, 00, 00, 00, 00, 00, 00, 4C, 89, 95, 40, FF, FF, FF, BE, 46, AE, F0, F3, 4C, 8B, 95, 40, FF, FF, FF, 49, B9, 85, DF, 00, 00, 00, 00, 00, 00, 4D, 89, D6, 4D, 0F, AF, F1, 41, BD, 4A, 22... 
[+]

Entropy:

7.1937

Code size:

187.5 KB (192,000 bytes)

Remove wiretap_read_stream.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.