| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | 555.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | e8cbbc2b181c177ffbe414b69a22175b8834b227 |
| MD5: | 5efce3ea3ad47d8fecaf22c78579fd4e |
| First Seen Date: | 2024-11-03 12:59:36.391943 ( ) |
| Number of Clients Seen: | 4 |
| Last Analysis Date: | 2024-11-04 18:53:18.431275 ( ) |
| Human Expert Analysis Date: | 2024-12-20 13:54:49.706678 ( ) |
| Human Expert Analysis Result: | Malware |
| Property | Value |
|---|---|
| magic literal enum | 3 |
| file type enum | 6 |
| debug artifacts | [] |
| number of sections | 6 |
| trid | [] |
| compilation time stamp | 0x67168C77 [Mon Oct 21 17:16:39 2024 UTC] |
| entry point | 0x705000 (.taggant) |
| machine type | Intel 386 or later - 32Bit |
| file size | 2963968 |
| ssdeep | |
| sha256 | f1e2bd19183e2d12a66b732f7b78befb199c44182f24a6f903385530b3af230a |
| exifinfo | [] |
| mime type | application/x-dosexec |
| imphash |
| File Path on Client | Seen Count |
|---|---|
| C:\Users\test\Downloads\555.exe | 1 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| 0x1000 | 0x59000 | 0x28600 | 7.97900505012 | 8427b2b686f9ef44b1e0d3435dcafecb | |
| .rsrc | 0x5a000 | 0x340 | 0x400 | 4.99738997375 | 5c7c8122a7854db521db600ca46269e9 |
| .idata | 0x5b000 | 0x1000 | 0x200 | 0.999651588151 | b36aef970bd1b7d2f5de1064b473cacc |
| sdftfoxv | 0x5c000 | 0x2a8000 | 0x2a7600 | 6.35153597665 | 63f4b88524d01c035ac1e426ec1ee849 |
| niqosjiw | 0x304000 | 0x1000 | 0x600 | 5.05716912684 | 62d4a64740891f08c1706643a86cfb8b |
| .taggant | 0x305000 | 0x3000 | 0x2200 | 0.769980624655 | 2dd702d0aab5caa552f79da98ce7ff0b |
{u'lang': u'LANG_NEUTRAL', u'name': u'RT_MANIFEST', u'offset': 368728, u'sha256': u'b3a8ff49e0b32b632b3b99a01c3d191f95a8566664da090bfff4652229fe083e', u'type': u'XML 1.0 document, ASCII text, with CRLF line terminators', u'size': 742}