home

winampa.exe

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘WinampAgent’.
MD5:
018914b2fdef85cf4a8e940d352578ad

SHA-1:
69effbb0bc2262f1439e5f2ba3fee27c724e14e9

SHA-256:
f040473471e0e55ab76238dc5106c33755b27d179a8a127786a0881f06b5ffe4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
5/6/2024 11:39:12 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Startup
188838

File size:
33.5 KB (34,304 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\winamp\winampa.exe

File PE Metadata
Compilation timestamp:
11/8/1997 4:44:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:HAboRTzUN/Phhm/lOFUtAOFsN1ChqOFw4GBhSBJEbwZLj8:HAGTzUNPhs0FUFFsNeFVGPSBqM8

Entry address:
0x1AF5

Entry point:
55, 8B, EC, 81, EC, 20, 02, 00, 00, 53, 56, 33, DB, BE, B8, 30, 40, 00, 53, 56, FF, 15, 84, 20, 40, 00, 85, C0, 74, 07, 53, FF, 15, 44, 20, 40, 00, 57, 68, 80, 32, 40, 00, FF, 15, 9C, 20, 40, 00, 53, A3, 98, 54, 40, 00, C7, 05, A8, 58, 40, 00, 46, 13, 40, 00, FF, 15, 40, 20, 40, 00, 89, 35, C8, 58, 40, 00, BE, 20, 5F, 40, 00, 68, 60, 32, 40, 00, 56, A3, B4, 58, 40, 00, A3, D4, 5C, 40, 00, 88, 1D, 20, 5F, 40, 00, 88, 1D, 40, 60, 40, 00, E8, AA, FE, FF, FF, BF, 40, 60, 40, 00, 68, 40, 32, 40, 00, 57, E8, 9A...
 
[+]

Entropy:
4.1990

Developed / compiled with:
Microsoft Visual C++

Code size:
4 KB (4,096 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
WinampAgent

Command:
C:\Program Files\winamp\winampa.exe


Scan winampa.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.