• File Path: C:\windows\SysWOW64\HOSTNAME.EXE
  • Description: Hostname APP


Type Hash
MD5 7EF4AB28A28CD09123DC204B96F589E4
SHA1 8082C8B6D9D6B9B894D6B7FA95CFD13A3F893818
SHA256 8DB9DC2896F6220CBFE25C60A2581E88F3BA6637EA905C55127DA70307BC827C
SHA384 FFD999DB84E7D26C268AFE317063E8A31015302132928DCBCEC3739A478D630F7B8E17CA33C81EF7C3FE3773DBF99384
SHA512 A85A5FDB96816A00000118D1196BBBF0E700FB98F5AB1AF2F65DA1F5576C3681E49ACAE07205D700D886A17E3560A39AC0EEC6F0D59C98D12426B3517685D312
SSDEEP 192:68s/6sTMXR1TpTVls91biSHNXyYl9nWb6W5y:k61XRppw7XNXHWb6W5


  • Status: The file C:\windows\SysWOW64\HOSTNAME.EXE is not digitally signed. You cannot run this script on the current system. For more information about running scripts and setting execution policy, see about_Execution_Policies at
  • Serial: ``
  • Thumbprint: ``
  • Issuer:
  • Subject:

File Metadata

  • Original Filename: hostname.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
  • Product Version: 6.3.9600.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of HOSTNAME.EXE being misused. While HOSTNAME.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma apt_silence_downloader_v3.yml - '\hostname.exe' DRL 1.0
sigma win_multiple_suspicious_cli.yml - hostname.exe DRL 1.0
sigma win_susp_commands_recon_activity.yml - hostname.exe DRL 1.0

Additional Info*

*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.


Applies to: Windows Server (Semi-Annual Channel), Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

Displays the host name portion of the full computer name of the computer.

[!IMPORTANT] This command is available only if the Internet Protocol (TCP/IP) protocol is installed as a component in the properties of a network adapter in Network.




| Parameter | Description | | ——- | ——– | | /? | Displays help at the command prompt. |


To display the name of the computer, type:


Additional References

MIT License. Copyright (c) 2020-2021 Strontic.