home

winplot.exe

MD5:
4d02213b29134d3f7a96c63fb1df8385

SHA-1:
1197a5dfc78721983b79a0930f11a9047c5276b1

SHA-256:
ada27db571810f298b8acada6648c00e5592b76342a891e016ba20f00fe3e2af

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 5:36:30 PM UTC  (today)

File size:
636 KB (651,264 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\winplot.exe

File PE Metadata
OS version:
45.3999

OS bitness:
Win16

Linker version:
25.0

CTPH (ssdeep):
12288:Cro5PLKQ/XwK1Nlmevu8Awl8WcOA26J+EghPVbK:CM5PLJXwK1Nlmeuwl8WG26J+VPVbK

Entry address:
0xC560C40

Entry point:
4D, 5A, 00, 01, 01, 00, 00, 00, 08, 00, 10, 00, FF, FF, 08, 00, 00, 01, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.2658

Code size:
704 KB (720,921 bytes)

The file winplot.exe has been seen being distributed by the following URL.

https://app.schoology.com/system/files/attachments/files/m/201410/course/.../Winplot_5432b4e2060fe.exe

Scan winplot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.