home

ipmi_sample2.exe

MD5:
6ce28956de1191a4222dda8ccd5905da

SHA-1:
5e675d4169cf56f7a96c32b88ecb6149e5841d26

SHA-256:
bb9127ba114480c819ffe089bf2dbfabc5dd4de966cfc29c7209581e91c66ec9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:10:34 PM UTC  (today)

File size:
180 KB (184,320 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\ipmi_sample2.exe

File PE Metadata
Compilation timestamp:
4/12/2013 9:46:08 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:TjXf9zShnXzOt5AUltYo2x1vRa8Di+BKjmwx2PE4vnHvvttQ2Ob5sZ:Th2UthtYo8BDnojmwx2M4vHvVtvO+Z

Entry address:
0xC5F4

Entry point:
48, 83, EC, 28, E8, 07, 98, 00, 00, 48, 83, C4, 28, E9, 56, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 18, 48, 89, 54, 24, 10, 57, 48, 83, EC, 30, 48, 8B, DA, 8B, F1, 33, FF, 33, C0, 48, 85, D2, 0F, 95, C0, 85, C0, 75, 27, E8, EC, 04, 00, 00, C7, 00, 16, 00, 00, 00, 48, 21, 7C, 24, 20, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, E8, BA, 15, 00, 00, 83, C8, FF, E9, D8, 00, 00, 00, 48, 8B, CA, E8, AA, FB, FF, FF, 90, F6, 43, 18, 40, 0F, 85, 96, 00, 00, 00, 48, 8B, CB, E8, F7, 13, 00, 00, 83, F8, FF...
 
[+]

Entropy:
6.2510

Code size:
116.5 KB (119,296 bytes)

The file ipmi_sample2.exe has been seen being distributed by the following URL.

http://ipmiutil.sourceforge.net/.../ipmi_sample2.exe

Scan ipmi_sample2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.