home

sophia.exe

MD5:
41e523f5d964917f7785c6dd4ec58085

SHA-1:
89683266693d812fdb06f68cf7cf7bb90678e010

SHA-256:
5d4ca95ecef76a6f956ea33612e17edd5147d8e3a3752781905d7cfbf9404f79

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 11:31:34 PM UTC  (a few moments ago)

File size:
6 KB (6,133 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\sophia.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
96:rb+AbLwJ4kpOAcKUSkCTetyIfOsDsJOLwVtzGSzRQxZ+r6HfVUk5913WfUe33ULw:PkbpwSkCZImJC6tZ9AVT/3k9nEE5C9I5

Entry point:
2D, 2D, 3D, 3D, 3D, 3D, 3D, 20, 54, 68, 69, 73, 20, 69, 73, 20, 74, 68, 65, 20, 6D, 75, 6C, 74, 69, 70, 61, 72, 74, 20, 6D, 69, 6D, 65, 20, 62, 6F, 75, 6E, 64, 61, 3D, 3D, 3D, 3D, 3D, 31, 38, 34, 35, 33, 32, 31, 37, 38, 0A, 43, 6F, 6E, 74, 65, 6E, 74, 2D, 74, 79, 70, 65, 3A, 20, 61, 70, 70, 6C, 69, 63, 61, 74, 69, 6F, 6E, 2F, 78, 2D, 78, 35, 30, 39, 2D, 75, 73, 65, 72, 2D, 63, 65, 72, 74, 0A, 0A, 30, 80, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 80, 30, 80, 02, 01, 01, 31, 00, 30, 0B, 06, 09, 2A, 86...
 
[+]

Entropy:
6.4721

The file sophia.exe has been seen being distributed by the following URL.

https://onsite.verisign.com/services/SITASCMessaging/.../sophia.exe

Scan sophia.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.