× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f865fa817532a52645dd2ab94eb638708f18d627f8263daeca5f873253dd6e22
File name: suspected-MaraCMS5-WindowsPortable.zip
Detection ratio: 4 / 56
Analysis date: 2016-05-17 10:08:06 UTC ( 2 years, 1 month ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.151026.9950.9971 20160517
ESET-NOD32 Win32/PrcView potentially unsafe 20160517
TheHacker Aplicacion/Processor.20 20160516
Zoner Trojan.Generic 20160517
Ad-Aware 20160517
AegisLab 20160517
AhnLab-V3 20160517
Alibaba 20160516
ALYac 20160517
Antiy-AVL 20160517
Arcabit 20160517
Avast 20160517
AVG 20160517
Avira (no cloud) 20160517
AVware 20160511
Baidu-International 20160517
BitDefender 20160517
Bkav 20160517
CAT-QuickHeal 20160517
ClamAV 20160517
CMC 20160516
Comodo 20160516
Cyren 20160517
DrWeb 20160517
Emsisoft 20160517
F-Prot 20160517
F-Secure 20160517
Fortinet 20160517
GData 20160517
Ikarus 20160517
Jiangmin 20160517
K7AntiVirus 20160517
K7GW 20160517
Kaspersky 20160517
Kingsoft 20160517
Malwarebytes 20160517
McAfee 20160517
McAfee-GW-Edition 20160517
Microsoft 20160517
eScan 20160517
NANO-Antivirus 20160517
nProtect 20160516
Panda 20160516
Qihoo-360 20160517
Rising 20160517
Sophos AV 20160517
SUPERAntiSpyware 20160517
Symantec 20160517
Tencent 20160517
TrendMicro 20160517
TrendMicro-HouseCall 20160517
VBA32 20160516
VIPRE 20160517
ViRobot 20160517
Yandex 20160516
Zillya 20160517
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1297
Uncompressed size
72352036
Highest datetime
2015-11-06 21:49:08
Lowest datetime
2009-12-20 00:00:00
Contained files by extension
js
288
dll
135
h
135
png
71
txt
53
gif
53
php
33
css
20
exe
10
md
9
mnu
4
jpg
3
ini
3
EXE
2
ico
2
htm
1
lib
1
cnf
1
bat
1
cmd
1
cat
1
au3
1
Contained files by type
unknown
543
directory
153
Portable Executable
147
PNG
71
GIF
53
PHP
23
HTML
7
JPG
3
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
log/

ZipBitFlag
0

ZipModifyDate
2015:11:06 20:01:13

File identification
MD5 95ac36ae216e34c925ef793039d43030
SHA1 bebe84d48a6cf6067523e547dacfcd6a0f269ac0
SHA256 f865fa817532a52645dd2ab94eb638708f18d627f8263daeca5f873253dd6e22
ssdeep
786432:wmLbZhnIQoSv4QI5U00U+MNsuh8KaGsWCxaHC3dmcMA1umt:t7RU+jvKqdmLyuG

File size 33.0 MB ( 34611583 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID BlueEyes Animation (52.9%)
Mozilla Firefox browser extension (31.3%)
ZIP compressed archive (15.6%)
Tags
contains-pe zip upx

VirusTotal metadata
First submission 2016-05-17 10:08:06 UTC ( 2 years, 1 month ago )
Last submission 2016-05-17 10:08:06 UTC ( 2 years, 1 month ago )
File names suspected-MaraCMS5-WindowsPortable.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!