» grades.exe
Overview
Analysis
File Details
Downloads (1)

grades.exe

WindowsApplication1

Microsoft

File name:

grades.exe

Publisher:

Microsoft

Product:

WindowsApplication1

Version:

1.0.0.0

MD5:

26c5828a5f4f7160912c7c3b02b2f7cb

SHA-1:

75371ca773d7f7412487c7fb37ecaafd34ff4ed6

SHA-256:

70496bec9491999dd844d46e93c224ef4e4a03d97bd868c380f882f905a25595

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/5/2024 9:51:30 AM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

Troj.W32.Gen

2.1.4+

Qihoo 360 Security

QVM03.0.Malware.Gen

1.0.0.1120

File size:

100.5 KB (102,912 bytes)

Product version:

1.0.0.0

Original file name:

WindowsApplication1.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\grades.exe

File PE Metadata

Compilation timestamp:

2/5/2016 12:16:58 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:uFSbciwTRluvsqvCjQN+9RtjjTJsipZiCnTrYIoBH1yJu7olTC2f7:kzicuvsqPYjjTJ5DTrYNpqC2z

Entry address:

0x19DDE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, DA, CD, B3, 56, 00, 00, 00, 00, 02, 00, 00, 00, 9D, 00, 00, 00, 1C, A0, 01, 00, 1C, 82, 01, 00, 52, 53, 44, 53, 60, C0, 72, 54, 86, 29, 42, 4F, B6, 32, CF, 6A, CC, 78, 42, C5, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 6D, 6F, 68, 61, 6D, 65, 64, 5C, 64, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 76, 69, 73, 75, 61, 6C, 20, 73, 74, 75, 64, 69, 6F, 20, 32... 
[+]

Entropy:

6.9747

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

95.5 KB (97,792 bytes)

The file grades.exe has been seen being distributed by the following URL.

http://download1284.mediafire.com/e2qy5dhrn1pg/.../Grades.exe

Scan grades.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.