SHA256: 4db6d2704e7ad3295158c7e8cab5c654c6b4fccbc91e762bf5a69a2c91b3e9b8
File name: hidden-tear.exe
Detection ratio: 19 / 59
Analysis date: 2017-06-06 21:33:27 UTC (1 year, 7 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Ransom.HiddenTear.3 20170606
ALYac Gen:Variant.Ransom.HiddenTear.3 20170606
Arcabit Trojan.Ransom.HiddenTear.3 20170606
AVG Ransom.HiddenTear 20170606
BitDefender Gen:Variant.Ransom.HiddenTear.3 20170606
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170420
Emsisoft Gen:Variant.Ransom.HiddenTear.3 (B) 20170606
ESET-NOD32 a variant of MSIL/Filecoder.Y 20170606
F-Secure Gen:Variant.Ransom.HiddenTear.3 20170606
Fortinet MSIL/Generic.DN.310E18!tr 20170606
GData Win32.Trojan-Ransom.Filecoder.P@gen 20170606
Sophos ML trojan.win32.skeeyah.a!rfn 20170604
Malwarebytes Ransom.HiddenTear.Generic 20170606
Microsoft Ransom:Win32/HiddenTear.gen 20170606
eScan Gen:Variant.Ransom.HiddenTear.3 20170606
SentinelOne (Static ML) static engine - malicious 20170516
Sophos AV Mal/Cryptear-A 20170606
SUPERAntiSpyware Ransom.HT/Variant 20170606
Webroot W32.Trojan.Gen 20170606
AegisLab 20170606
AhnLab-V3 20170606
Alibaba 20170606
Antiy-AVL 20170606
Avast 20170606
Avira (no cloud) 20170606
AVware 20170606
Baidu 20170601
Bkav 20170606
CAT-QuickHeal 20170606
ClamAV 20170606
CMC 20170606
Comodo 20170606
Cyren 20170606
DrWeb 20170606
Endgame 20170515
F-Prot 20170606
Ikarus 20170606
Jiangmin 20170606
K7AntiVirus 20170606
K7GW 20170606
Kaspersky 20170606
Kingsoft 20170606
McAfee 20170606
McAfee-GW-Edition 20170606
NANO-Antivirus 20170606
nProtect 20170606
Palo Alto Networks (Known Signatures) 20170606
Panda 20170606
Qihoo-360 20170606
Rising 20170606
Symantec 20170606
Symantec Mobile Insight 20170605
Tencent 20170606
TheHacker 20170605
TrendMicro-HouseCall 20170606
Trustlook 20170606
VBA32 20170606
VIPRE 20170606
ViRobot 20170606
WhiteArmor 20170601
Yandex 20170606
ZoneAlarm by Check Point 20170606
Zoner 20170606
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2015
Product hidden-tear
Original name hidden-tear.exe
Internal name hidden-tear.exe
File version 1.0.0.0
Description hidden-tear
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-06 10:34:43
Entry Point 0x00014382
Number of sections 3
.NET details
Module Version ID c05a2dd3-8fd1-4a54-b0b9-37cdbff98202
TypeLib ID 7ab0dd04-43e0-4d89-be59-60a30b766467
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 5
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 8
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 11.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 176128
EntryPoint 0x14382
OriginalFileName hidden-tear.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2015
FileVersion 1.0.0.0
TimeStamp 2017:06:06 11:34:43+01:00
FileType Win32 EXE
PEType PE32
InternalName hidden-tear.exe
ProductVersion 1.0.0.0
FileDescription hidden-tear
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 74752
ProductName hidden-tear
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

File identification
MD5 5d4d5deef0408e8f1afa140595c0934c
SHA1 9a48822d3fa98f0e0ea04457306d3b48d494369c
SHA256 4db6d2704e7ad3295158c7e8cab5c654c6b4fccbc91e762bf5a69a2c91b3e9b8
ssdeep 3072:juUo88bCftQYI8BR2MI4KM0O/1HM+lmsolAIrRuw+mqv9j1MWLQS:juJCFTTBRu+v/1s+lDAA
authentihash 80f1235b57d7d188181129cef0c56d159dfbfdb7567cbe83df1fb271bda6f6de
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 173.0 KB ( 177152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags peexe assembly

VirusTotal metadata
First submission 2017-06-06 21:33:27 UTC (1 year, 7 months ago)
Last submission 2017-06-06 21:33:27 UTC (1 year, 7 months ago)
File names hidden-tear.exe