home

is.exe

MD5:
d29b29b9d0f9bf8e3e1f4461b2e48a95

SHA-1:
e40f57426cd71e33458245ac9668ce621cf844c4

SHA-256:
a1f5279b31c5d6ca515930f646ff5a5ca43280c30321e787274cdd84a056f172

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 4:04:06 PM UTC  (today)

File size:
1.2 MB (1,257,472 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\is.exe

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:rJ0FxB2Z5nHGz8Yc3dz/EqFLapQEMmJjzka61o7tJFESvaOlRW:NG+jnHGz8YcFEvGivm

Entry address:
0xF470C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 8C, 44, 4F, 00, E8, 78, 24, F1, FF, A1, 98, 68, 4F, 00, 8B, 00, E8, BC, 5E, F8, FF, A1, 98, 68, 4F, 00, 8B, 00, BA, 88, 47, 4F, 00, E8, 5F, 59, F8, FF, A1, 98, 68, 4F, 00, 8B, 00, 83, C0, 50, BA, A8, 47, 4F, 00, E8, 83, 00, F1, FF, 8B, 0D, 18, 64, 4F, 00, A1, 98, 68, 4F, 00, 8B, 00, 8B, 15, 4C, E0, 4E, 00, E8, 9F, 5E, F8, FF, A1, E8, 64, 4F, 00, 80, 38, 00, 74, 0C, A1, 98, 68, 4F, 00, 8B, 00, E8, 1D, 5F, F8, FF, E8, 0C, FF, F0, FF, FF, FF, FF, FF, 14, 00, 00, 00, 46, 2D, 43, 4F...
 
[+]

Entropy:
6.5414

Developed / compiled with:
Microsoft Visual C++

Code size:
974 KB (997,376 bytes)

The file is.exe has been seen being distributed by the following 2 URLs.

http://www.fayloobmennik.net/files/.../106669152.html?check=7cbb416d73f9784bec9b969ebd42646e&file=1228750

http://www.fayloobmennik.net/files/.../87098202.html?check=04ab0458eeee6c89bd466688b6783b17&file=1228750

Scan is.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.