I scanned one of my allegedly infected files. would like to know what the Downloader.Generic.gga is.
SHA256: 290bb5d83b8ed16ea339f355ec3df890b43b24ff415ebe02a062ae60954a1373
File name: mbam-setup-1.65.0.1400.exe
Detection ratio: 1 / 55
Analysis date: 2017-02-22 15:45:15 UTC ( 1 minute ago )
45 20
Probably harmless! There are strong indicators suggesting that this file is safe to use.
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright© Malwarebytes Corporation. All rights reserved.
Product Malwarebytes Anti-Malware
File version 1.65.0.1400
Description Malwarebytes Anti-Malware
Comments This installation was built with Inno Setup.
Signature verification Signed file, verified signature
Signing date 10:04 PM 9/7/2012
Signers
- Malwarebytes Corporation
- VeriSign Class 3 Code Signing 2010 CA
- VeriSign
Counter signers
- COMODO Time Stamping Signer
- USERTrust (Code Signing)
Packers identified
F-PROT INNO, appended
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009C40
Number of sections 8
====================
ExifTool file metadata
UninitializedDataSize0
CommentsThis installation was built with Inno Setup.
LinkerVersion2.25
ImageVersion6.0
FileSubtype0
FileVersionNumber1.65.0.1400
LanguageCodeNeutral
FileFlagsMask0x003f
CharacterSetUnicode
InitializedDataSize17920
EntryPoint0x9c40
MIMETypeapplication/octet-stream
LegalCopyrightMalwarebytes Corporation. All rights reserved.
FileVersion1.65.0.1400
TimeStamp1992:06:19 23:22:17+01:00
FileTypeWin32 EXE
PETypePE32
SubsystemVersion4.0
ProductVersion1.65.0.1400
FileDescriptionMalwarebytes Anti-Malware
OSVersion1.0
FileOSWin32
SubsystemWindows GUI
MachineTypeIntel 386 or later, and compatibles
CompanyNameMalwarebytes Corporation
CodeSize37888
ProductNameMalwarebytes Anti-Malware
ProductVersionNumber1.65.0.1400
FileTypeExtensionexe
ObjectFileTypeExecutable application