home

phbot2.exe

phBot

Ryan Clouser

Publisher:
ProjectHax  (signed by Ryan Clouser)

Product:
phBot

Description:
phBot - Silkroad Online Bot

Version:
11.8.1.0

MD5:
3e4e46feaea93795cc9f08a1940c8345

SHA-1:
9fa8ec7e1f7188feac1e353d26ed63cfc18753b5

SHA-256:
cd5477b3974bc2a818c8edfd934cc0c492b2ceeb2f0dbc882419bc2766bd934d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 9:34:24 AM UTC  (today)

File size:
15.5 MB (16,227,456 bytes)

Product version:
11.8.1.0

Copyright:
Copyright (C) 2014 ProjectHax

Original file name:
phBot.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\phbot v11.7.9\phbot2.exe

Digital Signature
Signed by:
Ryan Clouser

Authority:
StartCom Ltd.

Valid from:
11/8/2013 12:13:03 PM

Valid to:
11/8/2015 10:34:04 PM

Subject:
E=ryan@projecthax.com, CN=Ryan Clouser, L=Camp Hill, S=Pennsylvania, C=US, Description=GDbAxi2Z0A7Em5K7

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0BB8

File PE Metadata
Compilation timestamp:
10/29/2014 5:03:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
393216:+BHgFkoeIOUaTEYT4P8KlCVY6ecHli896U0fbpACHu1d2uLZ30RoXPDvE8:aAFAIOUzOrecFgHbpXHu1d2u50RoXPDT

Entry address:
0x27EC585

Entry point:
E9, 3A, 7F, C4, FF, 15, C1, 90, F9, F8, 25, D3, E7, AE, 4A, 61, B5, C2, 37, 57, 62, CB, DC, B3, C1, DB, C2, F7, 71, 0E, 2E, 46, 54, 3A, A8, 91, 09, CE, EB, E8, FF, 92, F3, F1, 4C, 6E, 7F, BD, 60, 3E, 75, FE, B8, 5E, 94, F2, 25, 15, 42, 68, 2A, 17, DC, 2C, 4B, 83, 74, 5D, B6, 9E, 39, 74, 82, DF, CF, 9A, 14, 4B, 73, 05, E3, 90, 64, 3C, 2C, 23, 74, E9, 68, 06, 94, 7D, D8, D2, 57, EB, F5, 79, B0, B0, 88, D2, 25, A9, 66, 39, 2B, 33, 58, E2, 00, A2, 57, 15, 5F, F6, 74, 25, 55, 23, 3A, 2A, 88, D7, 3F, 01, 92, 72...
 
[+]

Entropy:
7.9998

Packer / compiler:
Xtreme-Protector v1.05

Code size:
9.2 MB (9,633,280 bytes)

Scan phbot2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.