| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | xHypeBot.exe |
| File Type: | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
| SHA1: | 788fb5118edda2e3aea788ff3578ee1c082110f8 |
| MD5: | 75b8fd1d23484270e08975711969f10f |
| First Seen Date: | 2016-02-08 14:12:12.732283 ( ) |
| Number of Clients Seen: | 7 |
| Last Analysis Date: | 2016-02-08 14:12:12.718337 ( ) |
| Human Expert Analysis Date: | 2016-02-08 14:26:58.789204 ( ) |
| Human Expert Analysis Result: | Malware |
| Property | Value |
|---|---|
| number of sections | 3 |
| file size | 463360 |
| entry point | 0x4638fe (.text) |
| mime type | application/x-dosexec |
| machine type | Intel 386 or later - 32Bit |
| compilation time stamp | 0x56B73A61 [Sun Feb 7 12:36:49 2016 UTC] |
| sha256 | f4d94bc49c1e2c696aad2738d4bcd73caa746533cdd3882b8816d49a078aa201 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x2000 | 0x61904 | 0x61a00 | 7.886851[SUSPICIOUS] | - |
| .rsrc | 0x64000 | 0xb690 | 0xb800 | 7.975779[SUSPICIOUS] | - |
| .reloc | 0x70000 | 0xc | 0x200 | 0.081539[SUSPICIOUS] | - |
-
mscoree.dll
- _CorExeMain
RT_ICON
RT_GROUP_ICON