System currently contains 112,739,878 malware samples.
| 42de5ec1ad32b9a95a424f613319b40d3e3d028ac8958a49328988356f024fa9 |
| VirusShare info last updated 2026-05-19 00:00:02 UTC |
|
|
| MD5 | 58f9f18e6d7efe8e29c809e0c5926a15 |
| SHA1 | 82cb4a8517691506174b4aee00059e1f7166d5ba |
| SHA256 | 42de5ec1ad32b9a95a424f613319b40d3e3d028ac8958a49328988356f024fa9 |
| SSDeep | 49152:OLbYI4I0bVKBUhx8CRSrzQ8vbeKgSRpXxmDYeQeaUx7qEaY3YPKEnSG:GYZkBU6ZvCK/phm8eQN8PYPKES |
| Authentihash | 262f69aea9d4336150063ee2b63b370f269cc014cbffee8665cdf8192eb8db9f |
| Size | 2,083,328 bytes |
| File Type | PE32+ executable (GUI) x86-64, for MS Windows |
| Mime Type | application/x-dosexec |
| Extension | exe |
| TrID | Windows Control Panel Item (generic) (58.9%)
Microsoft Visual C++ compiled executable (generic) (16.9%)
Win64 Executable (generic) (10.7%)
Win16 NE executable (generic) (5.1%)
Windows Icons Library (generic) (2.1%)
|
Detections
(47/61) | | ALYac | Win64.Expiro.Gen.7 | | APEX | Malicious | | Acronis | suspicious | | AhnLab-V3 | Virus/Win.Expiro.X2155 | | Antiy-AVL | Virus/Win32.Expiro.x | | Arcabit | Win64.Expiro.Gen.7 | | Avira | W32/Infector.Gen | | BitDefender | Win64.Expiro.Gen.7 | | Bkav | W64.AIDetectMalware | | CAT-QuickHeal | W32.Expiro.R3 | | CTX | exe.unknown.expiro | | CrowdStrike | win/malicious_confidence_100% (D) | | Cylance | Unsafe | | Cynet | Malicious (score: 100) | | DeepInstinct | MALICIOUS | | DrWeb | Win32.Expiro.153 | | ESET-NOD32 | Win64/Expiro.CY virus | | Elastic | malicious (high confidence) | | Emsisoft | Win64.Expiro.Gen.7 (B) | | F-Secure | Malware.W32/Infector.Gen | | Fortinet | W64/Expiro.CV | | GData | Win64.Expiro.Gen.7 | | Google | Detected | | Gridinsoft | Trojan.Win64.Wacatac.oa!s1 | | Ikarus | Virus.Win64.Expiro | | K7AntiVirus | Virus ( 005a9e7d1 ) | | K7GW | Virus ( 005a9e7d1 ) | | Malwarebytes | Virus.M0yv | | MaxSecure | Trojan.Malware.121218.susgen | | McAfeeD | ti!42DE5EC1AD32 | | MicroWorld-eScan | Win64.Expiro.Gen.7 | | Microsoft | Trojan:Win32/Phonzy.B!ml | | Rising | Virus.Expiro!1.A140 (CLASSIC) | | Sangfor | Trojan.Win32.Save.a | | SentinelOne | Static AI - Malicious PE | | Sophos | W64/Moiva-B | | Symantec | W64.Xpiro.J!dam | | TACHYON | Virus/W64.Movia | | Trapmine | malicious.moderate.ml.score | | TrendMicro | Virus.Win64.EXPIRO.SMAJC | | TrendMicro-HouseCall | Virus.Win64.EXPIRO.SMAJC | | VIPRE | Win64.Expiro.Gen.7 | | Varist | W64/ARisk.AS | | VirIT | Win64.Expiro.AJ | | Webroot | W32.Virus.Win64.Moiva | | ZoneAlarm | W64/Moiva-B | | huorong | Virus/W64.Expiro.r | | VirusTotal Report submitted 2026-05-04 21:44:32 UTC |
|
| ExIF Data | | CharacterSet | Unicode | | CodeSize | 1456128 | | CompanyName | Microsoft Corporation | | EntryPoint | 0x14e448 | | FileDescription | Microsoft® Block Level Backup Engine Service EXE | | FileFlags | (none) | | FileFlagsMask | 0x003f | | FileOS | Windows NT 32-bit | | FileSize | 2034 kB | | FileSubtype | 0 | | FileType | Win64 EXE | | FileTypeExtension | exe | | FileVersion | 6.1.7601.17514 (win7sp1_rtm.101119-1850) | | FileVersionNumber | 6.1.7601.17514 | | ImageFileCharacteristics | Executable, Large address aware | | ImageVersion | 6.1 | | InitializedDataSize | 54784 | | InternalName | wbengine.exe | | LanguageCode | English (U.S.) | | LegalCopyright | © Microsoft Corporation. All rights reserved. | | LinkerVersion | 9 | | MIMEType | application/octet-stream | | MachineType | AMD AMD64 | | OSVersion | 6.1 | | ObjectFileType | Executable application | | OriginalFileName | wbengine.exe | | PEType | PE32+ | | ProductName | Microsoft® Windows® Operating System | | ProductVersion | 6.1.7601.17514 | | ProductVersionNumber | 6.1.7601.17514 | | Subsystem | Windows GUI | | SubsystemVersion | 6.1 | | TimeStamp | 2010:11:20 09:48:01+00:00 | | UninitializedDataSize | 0 |
|
