pong.exe

2007 Microsoft Office system

Lorian Security Consultants

Publisher:
Microsoft Corporation  (signed by Lorian Security Consultants)

Product:
2007 Microsoft Office system

Version:
12.0.4518

MD5:
db7e14ced2ddbdbcb3a41377097dfac2

SHA-1:
33d0c85e4757ba93dee7ef0d0142bc868b1c4734

SHA-256:
57c9c886b201e56c5bb8aa5bd33de5c4c229b6bb54b01df737b7b00a06741daf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:43:11 PM UTC  (today)

File size:
825.4 KB (845,184 bytes)

Product version:
12.0.4518

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
selly002.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pong.exe

Digital Signature
Authority:
Lorian Security Consultants

Valid from:
2/24/2016 9:35:12 PM

Valid to:
2/23/2017 9:35:12 PM

Subject:
E=info@loriansec.com, OU=Certification, O=Lorian Security Consultants, L=Seattle, S=Washington, C=US, CN=LorianSec

Issuer:
E=info@loriansec.com, OU=Certification, O=Lorian Security Consultants, L=Seattle, S=Washington, C=US, CN=LorianSec

Serial number:
00C47EA3B0C07C98F2

File PE Metadata
Compilation timestamp:
2/25/2016 1:49:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:jYZeZTflQg+4/ObNu2045bJsTrCOM1u0:DSdJg

Entry address:
0xC60DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.1859

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
788 KB (806,912 bytes)

The file pong.exe has been seen being distributed by the following URL.

Scan pong.exe - Powered by Reason Core Security