File verdict·Decided by the MT AI Engine
Our call

Safe

Unsigned firmware-like binary from 2009 with zero malicious detections across 48 engines including 17 tier-1 vendors; no malicious behaviour or host contact observed.

Trust score88High trust
MT AI confidence · 82%
befw11s4v3.2_v1.45.10_code.bin
740.0 KB
2521b641c52ddef0d54b208f07e3
Antivirus engines
0 of 50 flagged
Code signing
Unsigned
Age
First seen 17y ago
MT AI Engine · our arbiter

The verdict, reasoned out.

Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.

82%Confidence
High
Reasoning

The evidence strongly indicates a benign file. Zero malicious detections across a broad antivirus network, with particular weight on 17 tier-1 engines all reporting clean, rules out known malware families. The unsigned status and rare prevalence (3 submissions over 15+ years) are consistent with an old firmware or binary archive rather than active malware. No sandbox execution data, no malicious behaviour, and no external intelligence hits (CIRCL, MalwareBazaar, YARAify) provide no counter-evidence. The filename pattern 'befw11s4v3.2_v1.45.10_code.bin' aligns with Belkin router firmware versioning, further supporting a legitimate device binary interpretation.

Key signals · 5

Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.

  1. 0/48 engines malicious; tier1Malicious=0; 17 tier-1 engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, McAfee, Emsisoft, F-Secure, GData, Ikarus, DrWeb, Avast, AVG) all reporting clean

  2. Unsigned binary (signing.verified=null) with no signer history; no brand mismatch detected

  3. prevalence.classification='rare_old' — 3 submissions over 6050 days; no recent feedback or community annotations

  4. No sandbox malicious verdict, no dropped children, no malicious host contact, no external intel hits (CIRCL, MalwareBazaar, YARAify all negative)

  5. Filename pattern 'befw11s4v3.2_v1.45.10_code.bin' consistent with firmware binary; no security-software or research-tool classifier match

Points in its favour
  • 0/48 engines malicious; 17 tier-1 vendors all clean
  • No sandbox malicious verdict
  • No malicious host contact or dropped children
  • Filename consistent with legitimate firmware versioning
  • No external intelligence hits (CIRCL, MalwareBazaar, YARAify)
What to do

This file is safe to use. The unanimous clean verdict from 17 high-trust antivirus engines, combined with the absence of any malicious behaviour or host contact, indicates a benign firmware or archived binary. No action is required.

No researcher-database hits
External threat-intel sources were not collected for this scan.
Antivirus engine breakdown

0 detections across 50 engines

0 malicious0 suspicious50 clean
Tier-117 engines
0flag
Top commercial AVs (low FP rate)
Tier-227 engines
0flag
Mainstream engines with mixed FP rates
Low-trust6 engines
0flag
Heuristic / generic-AI engines (high FP rate)
All 50 engines report this file as clean.
Hash 2521b641c52d… cross-referenced against 50 AV engines via our AV network.
Prevalence

How often this file shows up in the wild

Rarely uploaded, but has been around for a while. Often niche legitimate software or old internal tooling; not a strong malware signal on its own.

Rare & old
Unique uploaders
3
Very few people have ever uploaded this — rare.
Total submissions
3
Includes repeat uploads by the same source.
First seen by VT
17y ago
Dec 13, 2009
Prevalence quadrant
Rare · New
Targeted malware lives here
Common · New
Just-released software
here
Rare · Old
Niche or internal tooling
Common · Old
Trusted legitimate binaries
File identity

Forensic fingerprint

File biography
First seen (VT)
12/13/2009, 7:29:34 PM
First seen (MalwareBazaar)
Last analysis (VT)
2/16/2014, 8:37:40 PM
Scanned here
7/8/2026, 12:42:15 AM
File name
befw11s4v3.2_v1.45.10_code.bin
Size
740.0 KB
MIME type
(unknown)
Detected type
unknown
SHA-256
2521b641c52ddef0d5fccca5454648c0467e699eec4faefda297834b208f07e3
MD5
1c73a8c065060f5a8d324e4163088ec0
SHA-1
ca5dddbacf6229b6866807acb2140d7a10d3fdfa
First seen (VT)
12/13/2009, 7:29:34 PM
Last analysis (VT)
2/16/2014, 8:37:40 PM
First scan (MalwareTips)
7/7/2026, 10:05:01 PM
Last scan (MalwareTips)
7/8/2026, 12:42:15 AM
Community classification

Reviews & malware reports(0)

Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.

Loading…
Loading reports…
Files are processed in a streaming pass-through — MalwareTips never stores the binary on its servers. Only the scan result (hash, detections, verdict) is retained so the next person who scans the same file gets an instant answer. If you ran this file on your computer and are worried, scan your system with an up-to-date antivirus and change critical passwords from a different device.