home

saloon2.exe

MD5:
2d3a3fe48469fb150b95a50254992890

SHA-1:
908e8507c6c8e36e89cfa3cfccac4d7396896628

SHA-256:
6e8ce8faa0232d08d74105352342ff164f0d7221e6efdab345d94057e6acb3ba

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:35:59 PM UTC  (today)

File size:
6.8 KB (6,996 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\saloon2.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
96:AfFjoQp85mHvp/wBntHwuzyPffGayOx9kA7GBKkDEVH9i/CkhhO7k2l2ykXn20Co:Alnp8559zO3UOx9Wwl9izhAHg0vG

Entry point:
3C, 21, 44, 4F, 43, 54, 59, 50, 45, 20, 48, 54, 4D, 4C, 3E, 0D, 0A, 3C, 68, 65, 61, 64, 3E, 0D, 0A, 3C, 73, 63, 72, 69, 70, 74, 20, 74, 79, 70, 65, 3D, 27, 74, 65, 78, 74, 2F, 6A, 61, 76, 61, 73, 63, 72, 69, 70, 74, 27, 3E, 77, 69, 6E, 64, 6F, 77, 2E, 47, 6F, 6F, 62, 3D, 7B, 7D, 3B, 77, 69, 6E, 64, 6F, 77, 2E, 47, 6F, 6F, 62, 2E, 70, 61, 72, 61, 6D, 73, 3D, 7B, 42, 72, 6F, 77, 73, 65, 72, 4E, 61, 6D, 65, 3A, 27, 63, 68, 72, 6F, 6D, 65, 2E, 65, 78, 65, 27, 2C, 53, 50, 61, 72, 61, 6D, 3A, 27, 47, 32, 49, 7A...
 
[+]

Entropy:
5.6882

The file saloon2.exe has been seen being distributed by the following URL.

http://zmupload.com/.../saloon2.exe

Scan saloon2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.