home

sleep.exe

Galapo

Publisher:
Galapo  (signed and verified)

Description:
pauses commandline for supplied time

Version:
1.0.0.0

MD5:
b4149755f1f3fb92268ee19725233ed1

SHA-1:
cae0f2c5d7ccc36a68183969f3385357b0a8e8a1

SHA-256:
350e19c72aed638ca14185101c8655875518e2a65114e7e2073874ca59ddb18f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 11:02:29 AM UTC  (today)

Scan engine
Detection
Engine version

NANO AntiVirus
Trojan.Win32.DownLoad.cvuzeo
0.28.6.62995

File size:
7.9 KB (8,056 bytes)

Copyright:
Compiled by Galapo

Original file name:
sleep.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\rtpe\target\win7pese\Windows\System32\sleep.exe

Digital Signature
Signed by:
Galapo

Authority:
Root Agency

Valid from:
5/6/2010 4:53:23 AM

Valid to:
12/31/2039 3:59:59 PM

Subject:
CN=Galapo

Issuer:
CN=Root Agency

Serial number:
643D723923FD97954205B828C90E271C

File PE Metadata
Compilation timestamp:
6/15/2010 3:50:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.56

CTPH (ssdeep):
96:vagVHUBXX5X/UV3W15PBL9F+Qox6Wnd0erEbMN7hvcKEPcsQ2:rVHUPX/UV3W15PBL9UrEbqVcKEP62

Entry address:
0x1220

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 01, 00, 00, 00, FF, 15, 10, 51, 40, 00, E8, C8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 10, 51, 40, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, 28, 51, 40, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 1C, 51, 40, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 5D, E9, 47, 04, 00, 00, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, 8B, 45, 08, 89, 44, 24, 0C, 8B, 45, 08...
 
[+]

Entropy:
4.7443

Packer / compiler:
Dev-C++ 4.9.9.2

Code size:
3 KB (3,072 bytes)

Scan sleep.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.