optout.exe

MD5:
7547a81525084780d19e91e54ef75127

SHA-1:
983974adf8fa084752f74d58660628c981dd6e05

SHA-256:
9799ceefea9630965b84d11b13386a1c8af163466e4ae4ce2f56edb8cd65d513

Scanner detections:
4 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
4/19/2024 8:59:17 PM UTC

Scan engine             Detection         Engine version
Agnitum Outpost         Packed/Pec1       7.1.1
Bkav FE                 HW32.CDB          1.3.0.4959
Trend Micro House Call  PAK_Generic.001   7.2.85
Trend Micro             PAK_Generic.001   10.465.26

File size:
8.5 KB (8,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\optout.exe

File PE Metadata
Compilation timestamp:
3/2/2001 2:18:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
192:XSclkKw1ZCQX/nybB0OEGvNSc3bgHi1111VU3XOXf:XxM19/yd1hvNbbw7g

Entry address:
0x564C

Entry point:
EB, 06, 68, 00, 10, 00, 00, C3, 9C, 60, E8, 02, 00, 00, 00, 33, C0, 8B, C4, 83, C0, 04, 93, 8B, E3, 8B, 5B, FC, 81, EB, 0F, 70, 40, 00, 87, DD, 8B, 85, A6, 70, 40, 00, 01, 85, 03, 70, 40, 00, 66, C7, 85, 00, 70, 40, 00, 90, 90, 01, 85, 9E, 70, 40, 00, BB, D2, 08, 00, 00, 03, 9D, AA, 70, 40, 00, 03, 9D, A6, 70, 40, 00, 53, 53, 53, 53, 58, 2D, 70, 70, 40, 00, 89, 85, 71, 70, 40, 00, 5F, 8D, B5, 70, 70, 40, 00, B9, 19, 02, 00, 00, F3, A5, 5F, C3, BD, 00, 00, 00, 00, 57, 5E, 83, C6, 42, 81, C7, 62, 08, 00, 00...
 

Entropy:
6.2870

Packer / compiler:
PECompact v1.4x+

Code size:
8 KB (8,192 bytes)

The file optout.exe has been seen being distributed by the following 2 URLs.

http://grc.com/.../optout.exe

Scan optout.exe - Powered by Reason Core Security