home

play.exe

MD5:
eb481d96a6b660169138f580bc6d55d2

SHA-1:
e4ceae3a036960b041ae823e314139ee36e6854c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 5:40:33 PM UTC  (today)

File size:
8.6 KB (8,815 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\play.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
192:eCqOg3VHHhUAcjgt5YVZs9plBXw2MOO/Ormop:i3JHe2tt3Xw2MO2Up

Entry point:
3C, 68, 74, 6D, 6C, 3E, 0D, 0A, 3C, 68, 65, 61, 64, 3E, 0D, 0A, 3C, 74, 69, 74, 6C, 65, 3E, 70, 6C, 61, 79, 2E, 65, 78, 65, 20, 3A, 3A, 20, 46, 72, 65, 65, 20, 46, 69, 6C, 65, 20, 48, 6F, 73, 74, 69, 6E, 67, 20, 2D, 20, 46, 69, 6C, 65, 20, 44, 72, 6F, 70, 70, 65, 72, 3A, 20, 46, 69, 6C, 65, 20, 48, 6F, 73, 74, 20, 66, 6F, 72, 20, 4D, 70, 33, 2C, 20, 56, 69, 64, 65, 6F, 73, 2C, 20, 4D, 75, 73, 69, 63, 2C, 20, 44, 6F, 63, 75, 6D, 65, 6E, 74, 73, 2E, 3C, 2F, 74, 69, 74, 6C, 65, 3E, 0D, 0A, 0D, 0A, 0D, 0A, 3C...
 
[+]

Entropy:
5.3820

The file play.exe has been seen being distributed by the following URL.

http://co99-onlin.weebly.com/uploads/8/7/2/9/.../play.exe

Scan play.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.