| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | f.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | 61817e25b0cfae37a3f289fc308e67146f874342 |
| MD5: | 7b910a871a5bb36d8f47094f51eaac46 |
| First Seen Date: | 2024-05-12 19:35:34.841516 ( ) |
| Number of Clients Seen: | 5 |
| Last Analysis Date: | 2024-05-12 19:36:31.732640 ( ) |
| Human Expert Analysis Date: | 2024-05-13 17:04:51.246728 ( ) |
| Human Expert Analysis Result: | Malware |
| Property | Value |
|---|---|
| magic literal enum | 3 |
| file type enum | 6 |
| debug artifacts | [] |
| number of sections | 5 |
| trid | [] |
| compilation time stamp | 0x6615903F [Tue Apr 9 19:00:15 2024 UTC] |
| entry point | 0x40ac30 (.text) |
| machine type | Intel 386 or later - 32Bit |
| file size | 80896 |
| ssdeep | |
| sha256 | ae2b65de86e012e926c22d0f81c7d4e495d8cbcae8aa34c298c267477d2d3ec0 |
| exifinfo | [] |
| mime type | application/x-dosexec |
| imphash |
| File Path on Client | Seen Count |
|---|---|
| 61817e25b0cfae37a3f289fc308e67146f874342 | 1 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x122e7 | 0x12400 | 5.90987757538 | 3f1406a4437e8f0cff9c28dfe3f130f9 |
| .data | 0x14000 | 0x268 | 0x200 | 4.20051959504 | 983a1e13bda53f5dd0a3a01ce6ded159 |
| .idata | 0x15000 | 0x97a | 0xa00 | 5.09718074777 | c3c925ff9e1780c2fa613ea337521208 |
| .CRT | 0x16000 | 0x8 | 0x200 | 0.0940979256627 | efee18195bb108622b35df0104b325bd |
| .reloc | 0x17000 | 0x418 | 0x600 | 5.08891192378 | e06542aef564d381d8d2db6434d1890e |