Windows Host.exe threat report

» File
File Details
Overview
Analysis

ThreatInfo file report

Windows Host.exe

Verdict Trojan.Kryptik

MD5 500ffdfd79a21ebb9398d3ea0c7fcb65

Latest seen 2021-01-08 17:15:35 (5 years ago)

First seen 2021-01-08 17:09:33 (5 years ago)

Size 73 KB

Publisher WinHost

Product WinHost

This report summarizes the file identity, detection status, publisher metadata, observed locations, and technical indicators for Windows Host.exe. ThreatInfo currently classifies this sample as Trojan.Kryptik.

GridinSoft Anti-Malware detection

GridinSoft already detects this file

The latest ThreatInfo record shows Windows Host.exe detected as Trojan.Kryptik. You can download GridinSoft Anti-Malware to scan the system and remove this detection if the file is present on your device.

Detection name: Trojan.Kryptik
Last analysis: 2021-01-08 17:15:35 (5 years ago)
File hash: 500ffdfd79a21ebb9398d3ea0c7fcb65

Download Anti-Malware

What is Windows Host.exe?

Windows Host.exe is a Windows file recorded in the ThreatInfo database. It is associated with WinHost. The reported company name is WinHost. The current detection status is Trojan.Kryptik, based on the latest analysis from 2021-01-08 17:15:35 (5 years ago).

If Windows Host.exe appears on your computer unexpectedly, treat it as suspicious. Check its location, digital signature, and recent system changes before allowing it to run. A full anti-malware scan is recommended when this file is detected as Trojan.Kryptik.

File Details

Main Info:

Product Name:	WinHost
Company Name:	WinHost
MD5:	500ffdfd79a21ebb9398d3ea0c7fcb65
Size:	73 KB
First Published:	2021-01-08 17:09:33 (5 years ago)
Latest Published:	2021-01-08 17:15:35 (5 years ago)

Analysis:

Status:	Trojan.Kryptik (on last analysis)
Analysis Date:	2021-01-08 17:15:35 (5 years ago)

Detection screenshot

The screenshot is a visual record of a GridinSoft Anti-Malware detection for this sample. Use the hash and metadata above as the primary identifiers when comparing the file on your system.

Common Places:

%commonappdata%

ThreatInfo has observed Windows Host.exe in the locations listed above. Files found in temporary folders, user profile folders, startup locations, or unusual application directories should be reviewed more carefully than files installed under a known program directory.

OS Version:

Windows 10

100.0%

The most common operating system signal for Windows Host.exe is Windows 10 with 100.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.

Analysis

PE Info:

Windows Host.exe is identified as pe for 32 systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0001a00a

PE Sections:

Name	Size of data	MD5
s8~6x(	59904	e907a0c3438eaee26e3b9f2421bb92b3
.text	11264	16a9ee29f528c7ca159584c96127637c
.rsrc	1536	ca7c6cd3d0b80f48132c12c26ce45314
.reloc	512	aff5b30ceb43f61f913db3abeba94533
	512	438ae1107e79dae6517d5679bc0716dd

PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.

More information:

Search on Virustotal

Scan with GridinSoft Anti-Malware if this file is present on your device.

copyright for information about Windows Host.exe