home

basics.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from moodle.mec.edu.om.
MD5:
333bee6ad11a834badaac6e618cb8cef

SHA-1:
e1e002b6243129c6eebd6a21caa8add94330562e

SHA-256:
e2aea45b511b8708a56694aee050c2fb6462fdf26b0b806b8829691dca35680c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 6:43:13 PM UTC  (today)

File size:
101.3 KB (103,744 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\basics.exe

File PE Metadata
Compilation timestamp:
9/25/2014 8:08:03 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
1.5

CTPH (ssdeep):
1536:qvT8UKGD03DBfbwzz6x6t1oKOWxJXdo5n1lh0ZMDC8hfuqDzgviqAbdddrBjf1ME:qbpFWDV0/tOcdo5hyMVUxGjBr1x

Entry address:
0x11A7

Entry point:
64, A1, 00, 00, 00, 00, 55, 89, E5, 6A, FF, 68, 28, 30, 40, 00, 68, 9A, 10, 40, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, E8, 16, 01, 00, 00, 68, 1C, 30, 40, 00, FF, 35, 20, 30, 40, 00, 68, 50, 30, 40, 00, 68, 40, 30, 40, 00, 68, 30, 30, 40, 00, E8, 37, 06, 00, 00, 83, C4, 14, 68, CC, 16, 40, 00, 6A, 0B, E8, AC, 06, 00, 00, 83, C4, 08, A3, 14, 30, 40, 00, C7, 05, 14, 30, 40, 00, CC, 16, 40, 00, FF, 35, 50, 30, 40, 00, FF, 35, 40, 30, 40, 00, FF, 35, 30, 30, 40, 00, 89, 25, 18...
 
[+]

Entropy:
7.7708

Developed / compiled with:
Microsoft Visual C++ (3.0 old crap)

Code size:
2.5 KB (2,560 bytes)

The file basics.exe has been seen being distributed by the following URL.

https://moodle.mec.edu.om/ms2016/mod/.../view.php?id=2961

Scan basics.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.