home

midori.exe

MD5:
df106825fe7f291332dc0a7d3d33a91e

SHA-1:
b09a878acec69d57b509b8e04006cfd020997b31

SHA-256:
f5dff041866c71f50c00c0a5fc2a861811b26bf512e471ab3742c7914b90cdba

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/16/2024 5:59:11 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAutoB
1.3.0.4923

File size:
133.7 KB (136,911 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\midori\bin\midori.exe

File PE Metadata
Compilation timestamp:
1/15/2014 10:51:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
1536:LBjf6lZGYJu9nRaY9zGGflB4nSuZN10jN33bjmquTAv4+il6CzIcmT:LFqG5FRTGG34nSaE3mqQAv4+iDz8

Entry address:
0x14C0

Entry point:
83, EC, 0C, C7, 05, 3C, 60, 40, 00, 01, 00, 00, 00, E8, 4E, 0E, 00, 00, 83, C4, 0C, E9, A6, FC, FF, FF, 8D, B6, 00, 00, 00, 00, 83, EC, 0C, C7, 05, 3C, 60, 40, 00, 00, 00, 00, 00, E8, 2E, 0E, 00, 00, 83, C4, 0C, E9, 86, FC, FF, FF, 90, 90, 90, 90, 90, 90, A1, 2C, 40, 40, 00, 85, C0, 74, 43, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 50, 40, 00, FF, 15, 18, 74, 40, 00, BA, 00, 00, 00, 00, 83, EC, 04, 85, C0, 74, 16, C7, 44, 24, 04, 0E, 50, 40, 00, 89, 04, 24, FF, 15, 1C, 74, 40, 00, 83, EC, 08, 89, C2, 85, D2...
 
[+]

Entropy:
5.9848

Code size:
11 KB (11,264 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to sin01s17-in-f26.1e100.net  (173.194.117.122:80)

TCP (HTTP):
Connects to sin01s16-in-f30.1e100.net  (173.194.117.94:80)

TCP (HTTP):
Connects to sin01s15-in-f26.1e100.net  (173.194.117.58:80)

TCP (HTTP):
Connects to sin01s15-in-f13.1e100.net  (173.194.117.45:80)

TCP (HTTP):
Connects to sin01s14-in-f25.1e100.net  (173.194.117.25:80)

TCP (HTTP):
Connects to server-54-230-191-181.maa3.r.cloudfront.net  (54.230.191.181:80)

TCP (HTTP):
Connects to sa-in-f95.1e100.net  (74.125.200.95:80)

TCP (HTTP):
Connects to sa-in-f155.1e100.net  (74.125.200.155:80)

TCP (HTTP):
Connects to s3-1-w.amazonaws.com  (176.32.99.193:80)

TCP (HTTP):
Connects to hg-in-f105.1e100.net  (74.125.128.105:80)

TCP (HTTP SSL):
Connects to edge-star-shv-11-sin1.facebook.com  (31.13.79.128:443)

TCP (HTTP):
Connects to ec2-23-23-115-39.compute-1.amazonaws.com  (23.23.115.39:80)

TCP (HTTP):
Connects to ec2-23-21-87-175.compute-1.amazonaws.com  (23.21.87.175:80)

TCP (HTTP):
Connects to ec2-23-21-53-98.compute-1.amazonaws.com  (23.21.53.98:80)

TCP (HTTP):
Connects to a23-9-207-139.deploy.static.akamaitechnologies.com  (23.9.207.139:80)

TCP (HTTP):
Connects to a118-214.83-167.deploy.akamaitechnologies.com  (118.214.83.167:80)

Scan midori.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.