» bot-sentry-1.3.0.exe
Overview
Analysis
File Details
Downloads (3)

bot-sentry-1.3.0.exe

The executable bot-sentry-1.3.0.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from master-dl.sourceforge.net and multiple other hosts.

File name:

MD5:

23ab75d7558b2111f6af35638f189064

SHA-1:

344075cdce3a1bc8eea9ec9d3c743b6217d8e2a3

SHA-256:

d595b7fbe03efedb6c317b47d5ba3cfdcd49194e87cbd1c5eb0f3ebdb27d70c2

Scanner detections:

1 / 68

Status:

Malware

Analysis date:

12/26/2024 4:17:00 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.24.9

File size:

234.9 KB (240,544 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\bot-sentry-1.3.0.exe

File PE Metadata

Compilation timestamp:

6/9/2008 12:10:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.56

CTPH (ssdeep):

6144:fqRmvxEaw12lcH/8cKZUnt4o/eCTqFHK5s8n3L52qx8QWR+/8:fqRmpG12lcvzt4ok9K5s8n7iI/8

Entry address:

0x3987

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, 7C, 01, 00, 00, E8, D8, 49, 00, 00, 83, EC, 0C, 68, 01, 80, 00, 00, E8, 3B, 43, 00, 00, 6A, 00, E8, 14, 4A, 00, 00, A3, 78, 4C, 42, 00, 6A, 08, E8, 37, 27, 00, 00, A3, 28, 4D, 42, 00, 8D, 85, 90, FE, FF, FF, 6A, 00, 68, 60, 01, 00, 00, 50, 6A, 00, 68, A4, A2, 40, 00, E8, C9, 48, 00, 00, 83, EC, 0C, 68, A5, A2, 40, 00, 68, 58, 4D, 42, 00, E8, 57, 29, 00, 00, 83, C4, 18, E8, FF, 42, 00, 00, 52, 52, 50, 68, 00, D0, 42, 00, E8, 42, 29, 00, 00, 57, 6A, 00, E8, BA, 41, 00, 00, 83... 
[+]

Code size:

29.5 KB (30,208 bytes)

The file bot-sentry-1.3.0.exe has been seen being distributed by the following 3 URLs.

https://master-dl.sourceforge.net/project/pidgin-bs/bot-sentry/.../bot-sentry-1.3.0.exe

https://downloads.sourceforge.net/project/pidgin-bs/bot-sentry/.../bot-sentry-1.3.0.exe

http://downloads.sourceforge.net/project/pidgin-bs/bot-sentry/.../bot-sentry-1.3.0.exe

Remove bot-sentry-1.3.0.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.