home

pockethash.exe

MD5:
430b853ffff4e1fb0b536a4a1ca24ba2

SHA-1:
fbda828bd1b42003952acef0e7acbcf5d59fd3ac

SHA-256:
c18aef2b1248b87636dba66853d79c2d3a71366898c95ee607ffa0695ed77848

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
7/2/2025 6:17:54 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM05.1.Malware.Gen
1.0.0.1015

Trend Micro House Call
Suspicious_GEN.F47V0518
7.2.156

File size:
48.5 KB (49,664 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pockethash.exe

File PE Metadata
Compilation timestamp:
5/2/2015 3:55:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
768:LRir6SVDfy0uOd0DaaFBtpWp8TTlsZBL5rrJ83jYi0XxfClgy:LRm6SFuaAaaFBtp1flCs3jn0XxfYB

Entry address:
0x1000

Entry point:
68, 38, 00, 00, 00, 68, 00, 31, 00, 00, 68, F4, E4, 00, 11, E8, EC, 0F, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, E5, 0F, 00, 00, A3, F8, E4, 00, 11, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, D2, 0F, 00, 00, A3, F4, E4, 00, 11, E8, 9C, 9E, 00, 00, E8, 19, 65, 00, 00, E8, 4F, 64, 00, 00, E8, 1D, 64, 00, 00, E8, 0E, 63, 00, 00, E8, B5, 5A, 00, 00, E8, BF, 53, 00, 00, E8, B1, 51, 00, 00, E8, AD, 40, 00, 00, E8, 63, 2B, 00, 00, E8, FD, 1D, 00, 00, E8, EB, 17, 00, 00, EB, 05, E8, 45, 10...
 
[+]

Entropy:
6.4875

Packer / compiler:
PKLITE32, 0x1.1

Code size:
40.5 KB (41,472 bytes)

The file pockethash.exe has been seen being distributed by the following URL.

http://trax.x10.mx/pockethash.exe

Scan pockethash.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.