home

phBot.exe

phBot

Ryan Clouser

Publisher:
ProjectHax  (signed by Ryan Clouser)

Product:
phBot

Description:
phBot - Silkroad Online Bot

Version:
15.3.9.0

MD5:
315024d0b71b3698a0b7440f153c36ca

SHA-1:
1547254b05eedecf220938d2a3fcdc4fd9be9929

SHA-256:
6e310806168ccf75b261180380c8f0639d5ce210b762f072199e27c6e4bd92e1

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/19/2024 5:33:47 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
not-a-virus:AdWare.Amonetize
t3scan.1.9.5.0

Vba32 AntiVirus
Malware-Cryptor.General.6
3.12.26.4

File size:
13.7 MB (14,340,080 bytes)

Product version:
15.3.9.0

Copyright:
Copyright (C) 2015 ProjectHax

Original file name:
phBot.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Ryan Clouser

Authority:
StartCom Ltd.

Valid from:
11/8/2013 2:13:03 PM

Valid to:
11/9/2015 12:34:04 AM

Subject:
E=ryan@projecthax.com, CN=Ryan Clouser, L=Camp Hill, S=Pennsylvania, C=US, Description=GDbAxi2Z0A7Em5K7

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0BB8

File PE Metadata
Compilation timestamp:
9/22/2015 3:14:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
393216:zlpjgEz1ENsz6H3wvJjg7MYu2mXBH5KkPkSPyD/I6ODPFLK:zVxrz6H3wvJkMYRExYxSPyU6ODN2

Entry address:
0x23E98B8

Entry point:
EB, 08, B6, AF, D9, 00, 00, 00, 00, 00, E9, AE, D8, 26, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 48, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 50, 26, 01, 20, 99, 7E, 02, A0, 19, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C9, 93, 88, 00, 70, 14, 93, 00, 99, 14, 93, 00, B4, 14, 93, 00, DD, 14, 93, 00, 06, 15, 93, 00...
 
[+]

Code size:
13.7 MB (14,327,808 bytes)

Scan phBot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.