HOSTNAME.EXE
- File Path:
C:\Windows\system32\HOSTNAME.EXE - Description: Hostname APP
Hashes
| Type | Hash |
|---|---|
| MD5 | 7F95220A65A5A5D4A98873E86EF2E549 |
| SHA1 | 28BFFEA3033FDAED22759324FE691992FB533A9C |
| SHA256 | 1BFF2907C456F99277F45F9B2A21B1B3F11F6C01587D9E6D6F0B2B5F1472FE92 |
| SHA384 | FC43816F09F42FFA85EF1E0E6F9794D90DDB224F785100E991049BF098B652BE894EB7343FB3E1AF4013D460BAC07185 |
| SHA512 | 6F88603EE204D1131E37515D198D663549D73C0B5D2127CC88DCA1E5FD4DC7CC2EDBBD0E425AC330DAA746564578AF9344909B1C7B939D0762B9B9B38D31C42A |
| SSDEEP | 192:OxyxH6lzKFcnrRYUvZfdsCEeQgEebGXgEXabtwlQNWa6W:GyUuFoFPvraNkg8bttWa6W |
| IMP | 5CD891320C666621E9783444DB8CBA78 |
| PESHA1 | ECCF136EB2AB43DF9F07D30F48533A0E284E2653 |
| PE256 | 5FC6E42C17DB2DC8F5F91CC2FFA6579F7B20FE01D27BC301586108E66019D5E9 |
Runtime Data
Usage (stdout):
Prints the name of the current host.
hostname
Usage (stderr):
sethostname: Use the Network Control Panel Applet to set hostname.
hostname -s is not supported.
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266 - Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840 - Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
File Metadata
- Original Filename: hostname.exe.mui
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.17763.1 (WinBuild.160101.0800)
- Product Version: 10.0.17763.1
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/69
- VirusTotal Link: https://www.virustotal.com/gui/file/1bff2907c456f99277f45f9b2a21b1b3f11f6c01587d9e6d6f0b2b5f1472fe92/detection/
File Similarity (ssdeep match)
| File | Score |
|---|---|
| C:\WINDOWS\system32\HOSTNAME.EXE | 69 |
Possible Misuse
The following table contains possible examples of HOSTNAME.EXE being misused. While HOSTNAME.EXE is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
| Source | Source File | Example | License |
|---|---|---|---|
| sigma | apt_silence_downloader_v3.yml | - '\hostname.exe' |
DRL 1.0 |
| sigma | proc_creation_win_multiple_suspicious_cli.yml | - hostname.exe |
DRL 1.0 |
| sigma | proc_creation_win_susp_commands_recon_activity.yml | - hostname.exe |
DRL 1.0 |
| sigma | proc_creation_win_susp_hostname.yml | Image\|endswith: \HOSTNAME.EXE |
DRL 1.0 |
Additional Info*
*The information below is copied from MicrosoftDocs, which is maintained by Microsoft. Available under CC BY 4.0 license.
hostname
Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
Displays the host name portion of the full computer name of the computer.
[!IMPORTANT] This command is available only if the Internet Protocol (TCP/IP) protocol is installed as a component in the properties of a network adapter in Network.
Syntax
hostname
Parameters
| Parameter | Description |
|---|---|
| /? | Displays help at the command prompt. |
Any parameter different than /? produces an error message and sets the errorlevel to 1.
Notes
- Environment variable
%COMPUTERNAME%usually will print the same string ashostname, but in uppercase. - If environment variable
_CLUSTER_NETWORK_NAME_is defined,hostnamewill print its value.
Examples
- To display the name of the computer, type:
hostname
- To display the name of the computer in uppercase:
echo %COMPUTERNAME%
- To alter the hostname output:
set "_CLUSTER_NETWORK_NAME_=Altered Computer Name"
hostname
Additional References
MIT License. Copyright (c) 2020-2021 Strontic.