classify.exe
- File Path:
C:\Program Files\SplunkUniversalForwarder\bin\classify.exe
- Description: classify
Hashes
| Type |
Hash |
| MD5 |
184E1137D0C14E2A607C2F9236CC3362 |
| SHA1 |
4A3E802C6C03AA80CB6F7584B42F2114C818895F |
| SHA256 |
4CD0CA76227F63198B060B9177458A929849F25F579D04FFA9A1E80C0D4FB27A |
| SHA384 |
ECA282C050B179ED60D71B82415D5C7F879CC61E9F75330186AD78210BD56C71F5FB3E8B31D05975630A8FF675F06100 |
| SHA512 |
C924679D7FAFB0E9296E1E15CA7D409D6A3F1B1EB2827BDB0931E78064D08D24267F2EF4D0480199AAE55E37964D3408A5A514192515EC94248B406BEC20D7BD |
| SSDEEP |
1536:Nc6yBpRvPW6Nf0t8yIYEKF81PL9CoAgyX1q/IE:Nc6yBpRvPWI79YEKyr3AgyY/r |
| IMP |
D7E7C7FB1023AE6F5D81B244992E7451 |
| PESHA1 |
9576579690936C981292517A1B60F3EEEEBB302E |
| PE256 |
221B40EE2846C02FC97D1EECBC991B20F9B33CCFACF0C5F26F74AEBEBEBA410F |
Runtime Data
Usage (stderr):
SPLUNK_HOME must be set. Stopping.
Loaded Modules:
| Path |
| C:\Program Files\SplunkUniversalForwarder\bin\classify.exe |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
Signature
- Status: Signature verified.
- Serial:
014E132916D610BB301B22ABBD994616
- Thumbprint:
B8B4F0D3FD0571E184DEBB76A1F6DB73F30FA233
- Issuer: CN=DigiCert EV Code Signing CA (SHA2), OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=”Splunk, Inc.”, O=”Splunk, Inc.”, L=San Francisco, S=California, C=US, SERIALNUMBER=4109614, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
- Original Filename: classify.exe
- Product Name: splunk Application
- Company Name: Splunk Inc.
- File Version: 8.2.3
- Product Version: 8.2.3 (Build cd0848707637)
- Language: English (United States)
- Legal Copyright: Copyright (C) 2005-2021
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/4cd0ca76227f63198b060b9177458a929849f25f579d04ffa9a1e80c0d4fb27a/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.