× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 8e273948a179077e2a8187be95bd2458fb3f2d71590686237887794272e1d32a
Dateiname: cbust.exe
Erkennungsrate: 5 / 56
Analyse-Datum: 2015-10-14 02:05:04 UTC ( vor 3 Jahre, 7 Monate ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
Avast Win32:Malware-gen 20151014
ESET-NOD32 a variant of MSIL/Kryptik.DHC 20151014
Ikarus Trojan.MSIL.Crypt 20151014
Kaspersky Trojan.Win32.Inject.vjps 20151014
McAfee-GW-Edition BehavesLike.Win32.BackdoorNJRat.ch 20151014
Ad-Aware 20151014
AegisLab 20151013
Yandex 20151014
AhnLab-V3 20151013
Alibaba 20151013
ALYac 20151014
Antiy-AVL 20151014
Arcabit 20151014
AVG 20151013
Avira (no cloud) 20151014
AVware 20151013
Baidu-International 20151013
BitDefender 20151014
Bkav 20151013
ByteHero 20151014
CAT-QuickHeal 20151013
ClamAV 20151013
CMC 20151012
Comodo 20151014
Cyren 20151014
DrWeb 20151014
Emsisoft 20151014
F-Prot 20151014
F-Secure 20151014
Fortinet 20151013
GData 20151014
Jiangmin 20151013
K7AntiVirus 20151013
K7GW 20151013
Kingsoft 20151014
Malwarebytes 20151014
McAfee 20151014
Microsoft 20151014
eScan 20151014
NANO-Antivirus 20151014
nProtect 20151013
Panda 20151013
Qihoo-360 20151014
Rising 20151013
Sophos AV 20151014
SUPERAntiSpyware 20151014
Symantec 20151013
Tencent 20151014
TheHacker 20151012
TrendMicro 20151014
TrendMicro-HouseCall 20151014
VBA32 20151013
VIPRE 20151013
ViRobot 20151014
Zillya 20151013
Zoner 20151014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-12 16:43:32
Entry Point 0x00020C8E
Number of sections 3
.NET details
Module Version ID fef73283-22eb-4e19-9bd7-606e33482a1b
TypeLib ID 562c9844-b13d-40f1-95e1-1be8db723e50
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2015:10:12 18:43:32+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
126976

LinkerVersion
8.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x20c8e

InitializedDataSize
8192

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 20d2152087c6aeb522bce6883794746e
SHA1 b4d4b7c7ed7bfd7ac253327246429498777cc57c
SHA256 8e273948a179077e2a8187be95bd2458fb3f2d71590686237887794272e1d32a
ssdeep
3072:rX+Ng8cJ4Dv3dX9u1QK2uF/Fk2Pi1pgY+TyMPbiF0xPt:7scJENKtLPq+Y+dk0B

authentihash 8ccaf5257c8b4b9aaf18c2600a096efa4c895b58a70695ad957c0c8ec9f2bd8f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 136.0 KB ( 139264 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (61.0%)
Win64 Executable (generic) (22.9%)
Win32 Dynamic Link Library (generic) (5.4%)
Win32 Executable (generic) (3.7%)
Win16/32 Executable Delphi generic (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-10-14 02:05:04 UTC ( vor 3 Jahre, 7 Monate )
Last submission 2019-01-18 16:24:57 UTC ( vor 4 Monate )
Dateinamen {B0CC5661-512C-435A-8755-12B6A9154A70}
RAT_247financedeal.com.exe
cbust.exe
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!