chattr.exe
- File Path:
C:\Users\user\AppData\Local\GitHubDesktop\app-2.5.4\resources\app\git\usr\bin\chattr.exe
Hashes
Type |
Hash |
MD5 |
EA2E956C8B2D11F9337CBC99AFB7D91F |
SHA1 |
FF6B87036556C804925458EE4698D3EF15013871 |
SHA256 |
FDFFA6014B48A4CD9CEEAB7B9ABA6897C971473968D6460AFE29C01AF894A505 |
SHA384 |
72ADAD219C41EB78D89C267474E8C242AAFFEC7DC368C919485A58C7F0912EEBFE47EC2A80AEA5FC7D5BD6A0D7BC6DB6 |
SHA512 |
BBF342F57244198CACA5AA0309B546DC3AE18A35B5C7FC5D70C6F7785F7714BB754CD8AC158FE12ED1F9581280D412E0A145E11AF8005555CB8C67F673BA0EF8 |
SSDEEP |
3072:QdOgpvCBwBWGbn1WymDSGPadReQRI2XhQtTA9iHCcGfEUupe:QdZpvCBoWGuDSGPOIOhQt0iFGs5pe |
Runtime Data
Usage (stdout):
Usage: chattr [-RVfhv] [+-=mode]... [file]...
Change file attributes
-R, --recursive recursively list attributes of directories and their
contents
-V, --verbose Be verbose during operation
-f, --force suppress error messages
-h, --help this help text
-v, --version display the program version
The format of 'mode' is {+-=}[acCehnrsSt]
The operator '+' causes the selected attributes to be added to the
existing attributes of the files; '-' causes them to be removed; and
'=' causes them to be the only attributes that the files have.
Supported attributes:
'r', 'Readonly': file is read-only
'h', 'Hidden': file or directory is hidden
's', 'System': file or directory that the operating system uses
'a', 'Archive': file or directory has the archive marker set
't', 'Temporary': file is being used for temporary storage
'S', 'Sparse': file is sparse
'c', 'Compressed': file or directory is compressed
'n', 'Notindexed': file or directory is not to be indexed by the
content indexing service
'e', 'Encrypted': file is encrypted
'C', 'Casesensitive': directory is handled case sensitive
(Windows 10 1803 or later, local NTFS only,
WSL must be installed)
Usage (stderr):
chattr: Must use at least one of =, + or -
Loaded Modules:
Path |
C:\Users\user\AppData\Local\GitHubDesktop\app-2.5.4\resources\app\git\usr\bin\chattr.exe |
C:\Windows\System32\KERNEL32.DLL |
C:\Windows\System32\KERNELBASE.dll |
C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
045D8F14A82147641722D4FAFC66BC80
- Thumbprint:
FB713A60A7FA79DFC03CB301CA05D4E8C1BDD431
- Issuer: CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”GitHub, Inc.”, O=”GitHub, Inc.”, L=San Francisco, S=California, C=US
- Original Filename:
- Product Name:
- Company Name:
- File Version:
- Product Version:
- Language:
- Legal Copyright:
File Similarity (ssdeep match)
Possible Misuse
The following table contains possible examples of chattr.exe
being misused. While chattr.exe
is not inherently malicious, its legitimate functionality can be abused for malicious purposes.
MIT License. Copyright (c) 2020-2021 Strontic.