home

bt.exe

MD5:
c34bb49e499d795c0c6d5a0d81b5de73

SHA-1:
eb8612cab5a9ca46550acac2055689ed1c2543d6

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 9:37:13 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.Clod594.Trojan
1.3.0.4959

Comodo Security
UnclassifiedMalware
17850

Trend Micro
Cryp_Xin1
10.465.06

File size:
11 KB (11,264 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
Compilation timestamp:
7/12/2010 2:31:59 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
192:tcL8VLT51+364ZWx5Jf3kquQTmwHpRWonNYz/P+IFB:tdVLTLI6YWxv0pQC2nSz2I

Entry address:
0x1EAC

Entry point:
48, 89, 5C, 24, 10, 48, 89, 6C, 24, 18, 48, 89, 7C, 24, 20, 41, 54, 48, 83, EC, 20, FF, 15, 49, 11, 00, 00, B9, F5, FF, FF, FF, 48, 89, 05, 35, 25, 00, 00, FF, 15, 6F, 11, 00, 00, 48, 8B, C8, 48, 89, 05, 1D, 25, 00, 00, FF, 15, 67, 11, 00, 00, 41, BC, 01, 00, 00, 00, 83, F8, 02, 75, 1D, 48, 8B, 0D, 05, 25, 00, 00, 48, 8D, 54, 24, 30, FF, 15, 22, 11, 00, 00, C6, 05, C3, 2E, 00, 00, 00, 85, C0, 75, 07, 44, 88, 25, B8, 2E, 00, 00, B8, 20, 02, 00, 00, 48, 8D, 0D, BC, 2E, 00, 00, 49, 2B, C4, C6, 04, 08, 00, 75...
 
[+]

Entropy:
5.2409

Code size:
5.5 KB (5,632 bytes)

Scan bt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.