» ex_winapi_2.exe
Overview
Analysis
File Details
Downloads (1)

ex_winapi_2.exe

File name:

ex_winapi_2.exe

MD5:

656ebb5b8c0d9a98a13a0d7a5119ce02

SHA-1:

74b9779618ebf81044bbd137b4b66cc20d0a5bcd

SHA-256:

d54ad7d4bc8bc10d84f328396dd1a7a83b1e1a2f529b2e4a1fb247e5a1ea0975

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

12/26/2024 12:44:23 AM UTC (today)

File size:

291 KB (297,984 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\ex_winapi_2.exe

File PE Metadata

Compilation timestamp:

9/7/2015 12:30:10 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:kDYG8URw03BpPOp9MnVtiFf4DHF30bOxAkOVciqpdN:O5R9xROp9Qbia7RgOxAZSiqB

Entry address:

0x11186

Entry point:

E9, A5, 0C, 00, 00, E9, 82, 2B, 00, 00, E9, 37, 2C, 00, 00, E9, 14, 2C, 00, 00, E9, 79, 2B, 00, 00, E9, B8, 08, 00, 00, E9, 87, 23, 00, 00, E9, F2, 02, 00, 00, E9, 83, 2B, 00, 00, E9, DE, 1A, 00, 00, E9, FD, 2B, 00, 00, E9, BE, 08, 00, 00, E9, B9, 21, 00, 00, E9, 0C, 2C, 00, 00, E9, 39, 1F, 00, 00, E9, 92, 08, 00, 00, E9, 93, 08, 00, 00, E9, 5E, 20, 00, 00, E9, 71, 20, 00, 00, E9, 64, 2B, 00, 00, E9, B3, 2B, 00, 00, E9, 2C, 08, 00, 00, E9, 51, 08, 00, 00, E9, 32, 2B, 00, 00, E9, ED, 2B, 00, 00, E9, 28, 1D... 
[+]

Entropy:

4.4990

Developed / compiled with:

Microsoft Visual C++ 8.0 (Debug)

Code size:

15.5 KB (15,872 bytes)

The file ex_winapi_2.exe has been seen being distributed by the following URL.

http://parksh86.tistory.com/.../cfile28.uf@2731433C55EC5FE92DF8B7.exe

Scan ex_winapi_2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.