» followme.exe
Overview
Analysis
File Details
Downloads (1)

followme.exe

File name:

followme.exe

MD5:

8ca075b1fb010444d86e822d838a835d

SHA-1:

6fcc6da682c3fb4acef2aec6277e06351a20c06e

SHA-256:

ccf14ded5be02d52f094af75183e285905b2e3aa11c9f653bf3465c539f14086

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/27/2024 5:35:31 AM UTC (today)

File size:

1.1 MB (1,205,248 bytes)

File type:

Executable application (Win64 EXE)

Language:

English (United Kingdom)

Common path:

C:\users\{user}\downloads\followme.exe

File PE Metadata

Compilation timestamp:

2/26/2015 2:35:37 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:KGphMuzBMCx3Kta4ATJAH1mfpugR/md1bV5aangt:ZZzO43KtaISugRed1bVkag

Entry address:

0x2C9D4

Entry point:

48, 83, EC, 28, E8, CF, AF, 00, 00, 48, 83, C4, 28, E9, 36, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 10, 41, B9, 02, 00, 00, 00, 33, C9, 45, 8D, 51, FF, 44, 89, 0D, 33, 6A, 0A, 00, 41, 8B, C2, 44, 89, 15, 25, 6A, 0A, 00, 0F, A2, 89, 04, 24, 89, 5C, 24, 04, 89, 54, 24, 0C, 0F, BA, E1, 14, 73, 2B, 44, 89, 0D, 0B, 6A, 0A, 00, C7, 05, 05, 6A, 0A, 00, 06, 00, 00, 00, 0F, BA, E1, 1C, 73, 14, C7, 05, F1, 69, 0A, 00, 03, 00, 00, 00, C7, 05, EB, 69, 0A, 00, 0E, 00, 00, 00, 44, 8B, 05, C0, CF, 0A, 00, 33, C9, B8, 07... 
[+]

Entropy:

6.0747

Code size:

656.5 KB (672,256 bytes)

The file followme.exe has been seen being distributed by the following URL.

http://prn-prt04.thefacebook.com/.../Followme.exe

Scan followme.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.