home

thebat.exe

RITLABS S.R.L.

Publisher:
RITLABS S.R.L.  (signed and verified)

MD5:
228ca0665aa4338b9886f1166dc1349e

SHA-1:
a12fdee298d29d8a470172b99042fce773782985

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 3:47:48 AM UTC  (today)

File size:
6 MB (6,267,400 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\the bat!\thebat.exe

Digital Signature
Signed by:
RITLABS S.R.L.

Authority:
VeriSign, Inc.

Valid from:
3/26/2003 7:00:00 AM

Valid to:
3/31/2004 6:59:59 AM

Subject:
CN=RITLABS S.R.L., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RITLABS S.R.L., L=Chisinau, S=MD, C=MD

Issuer:
CN=VeriSign Class 3 Code Signing 2001 CA, OU=Terms of use at https://www.verisign.com/rpa (c)01, OU=VeriSign Trust Network, O="VeriSign, Inc."

Serial number:
371DB76C8D6F1E6BD127FF3C9F059C23

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:gC99evniTesY9oUZZHqa10KyXCvs9T9ZhjyyUUkpqcsoqQ9iM7UBDvKR8UvlQ:v9MvihY9oUZZHqa3yXrXFjk8csoqMiMC

Entry address:
0x491014

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, 57, B8, 1C, 02, 89, 00, E8, C1, 65, B7, FF, 33, C0, 55, 68, 44, 10, 89, 00, 64, FF, 30, 64, 89, 20, E8, C6, ED, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 0A, E9, B3, 34, B7, FF, E8, 16, 38, B7, FF, 5F, 5E, 5B, E8, 66, 3C, B7, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5496

Developed / compiled with:
Microsoft Visual C++

Code size:
4.6 MB (4,784,640 bytes)

Shell Open Command
Open type:
mailto

Command:
"C:\Program Files\the bat!\thebat.exe" %1


Scan thebat.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.