home

winutils.exe

MD5:
fa980bdec14219ff0263177bf14fc2e7

SHA-1:
82b16211b0f15b114014d8de86c8f68599d9c1f2

SHA-256:
0922eaa9a4771047da519bd777026403895fba7a57d2a5aef3001a2a2a325d25

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:08:31 AM UTC  (today)

File size:
105.5 KB (108,032 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\winutils.exe

File PE Metadata
Compilation timestamp:
11/19/2014 12:04:38 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:BWzYHk3hscjv2KIaOq8ROXW2MViGdu42XLO8Q:xE3hsc6aOq80W

Entry address:
0x10158

Entry point:
48, 83, EC, 28, E8, 43, 04, 00, 00, 48, 83, C4, 28, E9, 9E, FD, FF, FF, FF, 25, D8, 12, 00, 00, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 8B, F2, 48, 8B, D9, F6, C2, 02, 74, 2A, 44, 8B, 41, F8, 4C, 8D, 0D, 8C, 05, 00, 00, BA, 18, 00, 00, 00, E8, 06, 05, 00, 00, 40, F6, C6, 01, 74, 09, 48, 8D, 4B, F8, E8, BD, FF, FF, FF, 48, 8D, 43, F8, EB, 16, E8, 68, 05, 00, 00, 40, F6, C6, 01, 74, 08, 48, 8B, CB, E8, A4, FF, FF, FF, 48, 8B, C3, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F...
 
[+]

Entropy:
5.3146

Code size:
63.5 KB (65,024 bytes)

The file winutils.exe has been seen being distributed by the following 2 URLs.

https://github.com/steveloughran/winutils/raw/master/hadoop-2.6.0/.../winutils.exe

https://github.com/steveloughran/winutils/blob/master/hadoop-2.6.0/.../winutils.exe

Scan winutils.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.