home

disable.exe

MD5:
4b23a55255cb6fc81230293f7b6d084b

SHA-1:
14e3829596dcf766273598299bb2d288f74b011e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 2:26:24 AM UTC  (today)

File size:
29.5 KB (30,247 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\disable.exe

File PE Metadata
Compilation timestamp:
12/1/2007 11:40:22 PM

OS version:
8.25

OS bitness:
Win16

Linker version:
2.0

CTPH (ssdeep):
768:3R5M1xIXMXV80dbNkI4HYmFlmYAqq4wbSPktY7:B5uiXMX/dbNV4mYISPkm7

Entry address:
0x1020100

Entry point:
4D, 5A, FF, 00, 05, 00, 00, 00, 20, 00, 00, 00, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 06, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.9226

Code size:
64 KB (65,541 bytes)

The file disable.exe has been seen being distributed by the following URL.

https://web.archive.org/web/20040805043804/http://.../disable.exe

Scan disable.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.