Safe
Unsigned firmware-like binary from 2009 with zero malicious detections across 48 engines including 17 tier-1 vendors; no malicious behaviour or host contact observed.
2521b641c52ddef0d5…4b208f07e3The verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The evidence strongly indicates a benign file. Zero malicious detections across a broad antivirus network, with particular weight on 17 tier-1 engines all reporting clean, rules out known malware families. The unsigned status and rare prevalence (3 submissions over 15+ years) are consistent with an old firmware or binary archive rather than active malware. No sandbox execution data, no malicious behaviour, and no external intelligence hits (CIRCL, MalwareBazaar, YARAify) provide no counter-evidence. The filename pattern 'befw11s4v3.2_v1.45.10_code.bin' aligns with Belkin router firmware versioning, further supporting a legitimate device binary interpretation.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
0/48 engines malicious; tier1Malicious=0; 17 tier-1 engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, McAfee, Emsisoft, F-Secure, GData, Ikarus, DrWeb, Avast, AVG) all reporting clean
Unsigned binary (signing.verified=null) with no signer history; no brand mismatch detected
prevalence.classification='rare_old' — 3 submissions over 6050 days; no recent feedback or community annotations
No sandbox malicious verdict, no dropped children, no malicious host contact, no external intel hits (CIRCL, MalwareBazaar, YARAify all negative)
Filename pattern 'befw11s4v3.2_v1.45.10_code.bin' consistent with firmware binary; no security-software or research-tool classifier match
- 0/48 engines malicious; 17 tier-1 vendors all clean
- No sandbox malicious verdict
- No malicious host contact or dropped children
- Filename consistent with legitimate firmware versioning
- No external intelligence hits (CIRCL, MalwareBazaar, YARAify)
This file is safe to use. The unanimous clean verdict from 17 high-trust antivirus engines, combined with the absence of any malicious behaviour or host contact, indicates a benign firmware or archived binary. No action is required.
0 detections across 50 engines
How often this file shows up in the wild
Rarely uploaded, but has been around for a while. Often niche legitimate software or old internal tooling; not a strong malware signal on its own.
Forensic fingerprint
- File name
- befw11s4v3.2_v1.45.10_code.bin
- Size
- 740.0 KB
- MIME type
- (unknown)
- Detected type
- unknown
- SHA-256
- 2521b641c52ddef0d5fccca5454648c0467e699eec4faefda297834b208f07e3
- MD5
- 1c73a8c065060f5a8d324e4163088ec0
- SHA-1
- ca5dddbacf6229b6866807acb2140d7a10d3fdfa
- First seen (VT)
- 12/13/2009, 7:29:34 PM
- Last analysis (VT)
- 2/16/2014, 8:37:40 PM
- First scan (MalwareTips)
- 7/7/2026, 10:05:01 PM
- Last scan (MalwareTips)
- 7/8/2026, 12:42:15 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.