home

rectangle.exe

MD5:
f17d4679fb16dfdb3692ff4f7fc719c9

SHA-1:
c5405bdf803c3d6c9ead5c4fe99ed2948fe08f28

SHA-256:
f88a6ce4fb886b50eb58cba0d13ebdbbeb29f651d3a4c703da6bdc6e61d4bf09

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 3:24:27 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.Siggen6.62768
9.0.1.05190

F-Prot
W32/Graftor.X.gen
4.6.5.141

File size:
1.2 MB (1,306,290 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\rectangle.exe

File PE Metadata
Compilation timestamp:
11/4/2015 8:06:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.23

CTPH (ssdeep):
24576:tdB0y+sIcLJ/8MeTE0vCh9j1q3h34vWn6:N+7cBBF1z

Entry address:
0x1280

Entry point:
83, EC, 1C, C7, 04, 24, 01, 00, 00, 00, FF, 15, 64, 42, 4A, 00, E8, 6B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, 83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 64, 42, 4A, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, 88, 42, 4A, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 7C, 42, 4A, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 40, 47, 00, E8, BA, 9E, 01, 00, 52, 85, C0, 74, 65, C7, 44, 24, 04, 13, 40, 47, 00, 89...
 
[+]

Entropy:
5.8916

Code size:
431.5 KB (441,856 bytes)

The file rectangle.exe has been seen being distributed by the following URL.

https://doc-08-c0-docs.googleusercontent.com/docs/securesc/vvegfu1eihtp69kjqis8mquvckvnrl2j/lskuvk93qijqgnr9felpaarfgohinv53/1458172800000/.../16378808344605582601/0B08yOvEUtucSbmExcGd4eUtEamM?e=download

Scan rectangle.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.