SHA256: 339764b340b4c70a02835054993c13d7a2562b8ced06168ae1318ebc0c52680e
File name: kasati.exe
Detection ratio: 28 / 62
Analysis date: 2017-07-14 07:20:41 UTC (1 year, 7 months ago)
Antivirus Result Update
AegisLab Troj.Spy.W32!c 20170714
AhnLab-V3 Trojan/Win32.Crypt.C2035268 20170714
Antiy-AVL Trojan[Spy]/Win32.Noon 20170714
Avast Win32:Malware-gen 20170714
AVG Win32:Malware-gen 20170714
Avira (no cloud) TR/Crypt.ZPACK.dypqe 20170713
AVware Trojan.Win32.Generic!BT 20170714
CAT-QuickHeal Trojanspy.Noon 20170714
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20170710
ESET-NOD32 a variant of Win32/GenKryptik.ANSB 20170714
GData Win32.Trojan.Agent.X7NIMC 20170714
K7AntiVirus Trojan ( 00511ca81 ) 20170714
K7GW Trojan ( 00511ca81 ) 20170714
Kaspersky Trojan-Spy.Win32.Noon.ez 20170714
McAfee Artemis!5A7E64ACB1B3 20170714
McAfee-GW-Edition Artemis 20170714
NANO-Antivirus Trojan.Win32.Noon.equgpu 20170714
Palo Alto Networks (Known Signatures) generic.ml 20170714
Qihoo-360 Win32/Trojan.Spy.e3b 20170714
Rising Trojan.GenKryptik!8.AA55 (cloud:odz0X7KbYOC) 20170714
Sophos AV Mal/Generic-S 20170714
Symantec Trojan.Gen.2 20170714
Tencent Win32.Trojan-spy.Noon.Sxfa 20170714
TrendMicro-HouseCall TROJ_GEN.R021H0DG817 20170714
VIPRE Trojan.Win32.Generic!BT 20170714
ViRobot Trojan.Win32.Z.Noon.652736 20170714
Webroot W32.Adware.Gen 20170714
ZoneAlarm by Check Point Trojan-Spy.Win32.Noon.ez 20170714
Ad-Aware 20170714
Alibaba 20170714
ALYac 20170714
Arcabit 20170714
Baidu 20170714
BitDefender 20170714
Bkav 20170713
ClamAV 20170714
CMC 20170713
Comodo 20170714
Cylance 20170714
Cyren 20170714
DrWeb 20170714
Emsisoft 20170714
Endgame 20170713
F-Prot 20170714
F-Secure 20170714
Fortinet 20170629
Sophos ML 20170607
Jiangmin 20170714
Kingsoft 20170714
Malwarebytes 20170714
MAX 20170714
Microsoft 20170714
eScan 20170714
nProtect 20170714
Panda 20170713
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170714
Symantec Mobile Insight 20170713
TheHacker 20170712
TrendMicro 20170714
Trustlook 20170714
VBA32 20170713
WhiteArmor 20170713
Yandex 20170713
Zillya 20170713
Zoner 20170714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (C) 2016 NVIDIA Corporation. All rights reserved.
Product NVIDIA GeForce Experience
Internal name NVIDIA GeForce Experience
File version 51.2704.1434.1
Description NVIDIA GeForce Experience
Signature verification The digital signature of the object did not verify.
Signing date 10:01 AM 1/9/2019
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-07-04 18:27:14
Entry Point 0x00032B6A
Number of sections 6
PE sections
Overlays
MD5 8a053f43848dd81eb1b4ab6bf5521fe7
File type data
Offset 637952
Size 14784
Entropy 7.40
PE imports
SystemFunction036
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GetConsoleCP
FreeLibrary
QueryPerformanceCounter
HeapReAlloc
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
RtlUnwind
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
HeapSize
GetCurrentProcessId
WriteConsoleW
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
GetStartupInfoW
SetFilePointerEx
FreeEnvironmentStringsW
VirtualProtect
GetCommandLineA
GetProcAddress
InitializeSListHead
GetProcessHeap
SetStdHandle
RaiseException
WideCharToMultiByte
TlsFree
FindNextFileW
SetUnhandledExceptionFilter
WriteFile
DecodePointer
CloseHandle
GetSystemTimeAsFileTime
GetACP
FindFirstFileExW
GetStringTypeW
GetModuleHandleW
GetOEMCP
TerminateProcess
GetModuleHandleExW
IsValidCodePage
CreateFileW
FindClose
TlsGetValue
GetFileType
TlsSetValue
HeapAlloc
GetCurrentThreadId
SetLastError
LeaveCriticalSection
_pipe
Ord(764)
_chmod
_commit
_vsnwprintf
Ord(975)
Ord(771)
_chdrive
_chgsign
_close
_chsize_s
Ord(978)
_cgetws
_chvalidator
Ord(765)
_clearfp
_popen
_pgmptr
Ord(976)
Ord(768)
_vsnwprintf_l
_vsnwprintf_s_l
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL DEFAULT 5
ENGLISH US 4
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 6.0
InitializedDataSize 390144
ImageVersion 0.0
ProductName NVIDIA GeForce Experience
FileVersionNumber 51.2704.1434.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Latin1
LinkerVersion 14.0
FileTypeExtension exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 51.2704.1434.1
TimeStamp 2017:07:04 19:27:14+01:00
FileType Win32 EXE
PEType PE32
InternalName NVIDIA GeForce Experience
ProductVersion 51.2704.1434.1
FileDescription NVIDIA GeForce Experience
OSVersion 6.0
FileOS Unknown (0)
LegalCopyright (C) 2016 NVIDIA Corporation. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName NVIDIA Corporation
CodeSize 245760
FileSubtype 0
ProductVersionNumber 51.2704.1434.1
EntryPoint 0x32b6a
ObjectFileType Unknown

Compressed bundles
File identification
MD5 5a7e64acb1b318f2d9e96395bd29ed1c
SHA1 10f4958ef11ee8e4b2dfc28acf1707df51235e50
SHA256 339764b340b4c70a02835054993c13d7a2562b8ced06168ae1318ebc0c52680e
ssdeep 3072:27Yfs9krkHG1by/iX3padtF9c0TYwU+CRb7tCcZCir/cKhSyy6nJWwkSCuDfT83b:oCsAJFX3wTF9aVRH3Zx/cKhSyrnIL
authentihash 0bffb2e6b0490106352d57bd72fd42ec93747a9581f2c6183f03de5a6021703f
imphash 92f2e474f63049d4a8935077ae96f840
File size 637.4 KB ( 652736 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags peexe via-tor overlay
VirusTotal metadata
First submission 2017-07-09 00:48:26 UTC (1 year, 7 months ago)
Last submission 2019-01-09 09:07:34 UTC (1 month, 1 week ago)
File names 5a7e64acb1b318f2d9e96395bd29ed1c.virus
systraydz7.cmd
kasati.ex1
NVIDIA GeForce Experience
kasati.exe
systraydz7.cmd