| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | 222.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | 9c1db682706e84bc5c62eb94ba286d040d21bd16 |
| MD5: | e470e1efdf057bf0cb67f5f8e7d146f5 |
| First Seen Date: | 2024-11-04 18:48:54.302927 ( ) |
| Number of Clients Seen: | 2 |
| Last Analysis Date: | 2024-11-04 18:51:25.630731 ( ) |
| Human Expert Analysis Date: | 2024-11-05 08:38:19.931418 ( ) |
| Human Expert Analysis Result: | Malware |
| Property | Value |
|---|---|
| magic literal enum | 3 |
| file type enum | 6 |
| debug artifacts | [] |
| number of sections | 6 |
| trid | [] |
| compilation time stamp | 0x6715CDA7 [Mon Oct 21 03:42:31 2024 UTC] |
| entry point | 0x715000 (.taggant) |
| machine type | Intel 386 or later - 32Bit |
| file size | 3030016 |
| ssdeep | |
| sha256 | cb15ac6b923950cc436643ca20417973952a9bee1c80d1c0f1bd9c564bd55b0a |
| exifinfo | [] |
| mime type | application/x-dosexec |
| imphash |
| File Path on Client | Seen Count |
|---|---|
| 222.exe | 1 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| 0x1000 | 0x58000 | 0x27a00 | 7.97228759374 | 433805cc7f54e09d19df48c4426b1471 | |
| .rsrc | 0x59000 | 0x340 | 0x400 | 4.99738997375 | 914cd139a383496d0085d499d138ef92 |
| .idata | 0x5a000 | 0x1000 | 0x200 | 0.999651588151 | 555a11fa24a077379003c187d9c9d020 |
| qjxzgjzf | 0x5b000 | 0x2b9000 | 0x2b8600 | 6.40302521105 | fa0724c39c869cac20763fc86cf33fe8 |
| obhbrmkm | 0x314000 | 0x1000 | 0x400 | 5.95406882588 | 495a1b8aa1daeef9588144dfe4a632d5 |
| .taggant | 0x315000 | 0x3000 | 0x2200 | 0.790179425507 | 04f3c5f5a7c155ec6194f491c558003b |
{u'lang': u'LANG_NEUTRAL', u'name': u'RT_MANIFEST', u'offset': 364632, u'sha256': u'b3a8ff49e0b32b632b3b99a01c3d191f95a8566664da090bfff4652229fe083e', u'type': u'XML 1.0 document, ASCII text, with CRLF line terminators', u'size': 742}