SHA256: 8eb7326be9966a76b83c3497109a147bce7237e72940680642b4ca02f9089ed9
File name: wmplayer.exe
Detection ratio: 17 / 64
Analysis date: 2017-08-18 21:59:16 UTC ( 10 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Strictor.133549 20170818
ALYac Gen:Variant.Strictor.133549 20170818
Arcabit Trojan.Strictor.D209AD 20170818
Avast Win32:Malware-gen 20170818
AVG Win32:Malware-gen 20170818
BitDefender Gen:Variant.Strictor.133549 20170818
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170804
Emsisoft Gen:Variant.Strictor.133549 (B) 20170818
ESET-NOD32 a variant of MSIL/TrojanClicker.Agent.NOK 20170818
F-Secure Gen:Variant.Strictor.133549 20170818
Fortinet MSIL/TrojanClicker_Agent.NOK!tr 20170818
GData Gen:Variant.Strictor.133549 20170818
Ikarus Trojan.MSIL.TrojanClicker 20170818
MAX malware (ai score=80) 20170818
eScan Gen:Variant.Strictor.133549 20170818
Panda Trj/GdSda.A 20170818
SentinelOne (Static ML) static engine - malicious 20170806
AegisLab 20170818
AhnLab-V3 20170818
Alibaba 20170818
Antiy-AVL 20170818
Avira (no cloud) 20170818
AVware 20170818
Baidu 20170817
Bkav 20170818
CAT-QuickHeal 20170818
ClamAV 20170818
CMC 20170818
Comodo 20170818
Cylance 20170818
Cyren 20170818
DrWeb 20170818
Endgame 20170721
F-Prot 20170818
Sophos ML 20170818
Jiangmin 20170818
K7AntiVirus 20170818
K7GW 20170817
Kaspersky 20170818
Kingsoft 20170818
Malwarebytes 20170818
McAfee 20170818
McAfee-GW-Edition 20170818
Microsoft 20170818
NANO-Antivirus 20170818
nProtect 20170818
Palo Alto Networks (Known Signatures) 20170818
Qihoo-360 20170818
Rising 20170818
Sophos AV 20170818
SUPERAntiSpyware 20170818
Symantec 20170818
Symantec Mobile Insight 20170818
Tencent 20170818
TheHacker 20170817
TrendMicro 20170818
TrendMicro-HouseCall 20170818
Trustlook 20170818
VBA32 20170818
VIPRE 20170818
ViRobot 20170818
Webroot 20170818
WhiteArmor 20170817
Yandex 20170818
Zillya 20170817
ZoneAlarm by Check Point 20170818
Zoner 20170818
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2017

Product Windows Media Player
Original name wmplayer.exe
Internal name wmplayer.exe
File version 1.0.0.0
Description Windows Media Player
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-07-30 06:34:49
Entry Point 0x00010DCE
Number of sections 4
.NET details
Module Version ID b68ad9d5-9cc8-443e-9a5e-4dbc4ddc6980
TypeLib ID 4df5731f-fe1d-4a71-a918-db7732d7d78f
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 12
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
180736

ImageVersion
0.0

ProductName
Windows Media Player

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Windows Media Player

CharacterSet
Unicode

LinkerVersion
11.0

FileTypeExtension
exe

OriginalFileName
wmplayer.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2017:07:30 07:34:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
wmplayer.exe

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2017

MachineType
Intel 386 or later, and compatibles

CodeSize
60928

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x10dce

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 4793a9663376ef3a9044e07a9a45d966
SHA1 84a3b375e62ca671f4f66b38cb0e4e53383b9785
SHA256 8eb7326be9966a76b83c3497109a147bce7237e72940680642b4ca02f9089ed9
ssdeep
3072:ZDdshLQQ6zo2DNufxsKgPHTUl0RFUu6wA7:ZahLj6B8fxsoEUZH

authentihash 4efacfa886bc6fe0dac9f1d471ab8e866accc375d23359fa867a2cd76bf45a91
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 237.0 KB ( 242688 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (55.0%)
Win64 Executable (generic) (20.7%)
Windows screen saver (9.8%)
Win32 Dynamic Link Library (generic) (4.9%)
Win32 Executable (generic) (3.3%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-08-18 21:59:16 UTC ( 10 months, 1 week ago )
Last submission 2018-05-19 18:51:33 UTC ( 1 month ago )
File names 4793a9663376ef3a9044e07a9a45d966.vir
wmplayer.exe