• File Path: C:\windows\system32\HOSTNAME.EXE
  • Description: Hostname APP


Type Hash
MD5 74D1E6E8AC6ABCC1DE934C8C5E422B64
SHA1 4ED8B225C9CC97DD02C9A5DFD9F733C353F83E36
SHA256 CA40BB9470E8E73767F3AA43DDF51F814481167DEC6C2FAA1996C18AB2C621DB
SHA384 66916ABA3527E1EA31E4D897B7DCC3A03B6B1CA62B7E356B801221FBC67F5BA22EB92369A7C3C99DA22EB616EE3AF147
SHA512 F424F5022A52E8A7A1056ADFA67B1F3053512F2EE633189381E9EC3D61D6F76F605EDC388BD9CB7FCEFDF22128FF246E99891853346E4796BF1BD888D5D8FC29
SSDEEP 192:8cjc5qF40Bv5TnL7GP7lWiEIHJpaBBhtCLsUU/KWArbQSHNe9WlG6BWb6W:8b5qF40t5L4LhKbh3SW+RNe9YWb6W


  • Status: The file C:\windows\system32\HOSTNAME.EXE is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: hostname.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of HOSTNAME.EXE being misused. While HOSTNAME.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma apt_silence_downloader_v3.yml - '\hostname.exe' DRL 1.0
sigma win_multiple_suspicious_cli.yml - hostname.exe DRL 1.0
sigma win_susp_commands_recon_activity.yml - hostname.exe DRL 1.0

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.


Applies to: Windows Server (Semi-Annual Channel), Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

Displays the host name portion of the full computer name of the computer.

[!IMPORTANT] This command is available only if the Internet Protocol (TCP/IP) protocol is installed as a component in the properties of a network adapter in Network.




| Parameter | Description | | ——- | ——– | | /? | Displays help at the command prompt. |


To display the name of the computer, type:


Additional References

MIT License. Copyright (c) 2020-2021 Strontic.