SHA256: 018bdf316c3df6159ead770891d426155b7015dd14639577887b132c4f1c2ffe
Detection ratio: 12 / 64
Analysis date: 2018-05-22 00:14:29 UTC ( 9 months ago )
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20180521
Avast Win32:MdeClass 20180521
AVG Win32:MdeClass 20180521
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180521
Cylance Unsafe 20180522
Endgame malicious (high confidence) 20180507
Kaspersky UDS:DangerousObject.Multi.Generic 20180521
McAfee-GW-Edition BehavesLike.Win32.MultiPlug.ch 20180521
Palo Alto Networks (Known Signatures) generic.ml 20180522
Qihoo-360 HEUR/QVM20.1.51D1.Malware.Gen 20180522
Symantec ML.Attribute.HighConfidence 20180521
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180521
Ad-Aware 20180521
AhnLab-V3 20180521
Alibaba 20180521
ALYac 20180521
Antiy-AVL 20180522
Arcabit 20180521
Avast-Mobile 20180520
Avira (no cloud) 20180521
AVware 20180521
Babable 20180406
BitDefender 20180521
Bkav 20180521
CAT-QuickHeal 20180521
ClamAV 20180521
CMC 20180521
Comodo 20180521
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180521
DrWeb 20180522
eGambit 20180522
Emsisoft 20180521
ESET-NOD32 20180521
F-Prot 20180521
F-Secure 20180521
Fortinet 20180521
GData 20180521
Ikarus 20180521
Sophos ML 20180503
Jiangmin 20180521
K7AntiVirus 20180521
K7GW 20180521
Kingsoft 20180522
Malwarebytes 20180521
MAX 20180522
McAfee 20180521
Microsoft 20180521
eScan 20180521
NANO-Antivirus 20180521
nProtect 20180521
Panda 20180521
Rising 20180521
SentinelOne (Static ML) 20180225
Sophos AV 20180522
SUPERAntiSpyware 20180521
Symantec Mobile Insight 20180522
Tencent 20180522
TheHacker 20180516
TrendMicro 20180521
TrendMicro-HouseCall 20180521
Trustlook 20180522
VBA32 20180521
VIPRE 20180521
ViRobot 20180521
Webroot 20180522
Yandex 20180518
Zoner 20180521
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-22 06:03:54
Entry Point 0x0000155B
Number of sections 5
PE sections
PE imports
CloseServiceHandle
JetIndexRecordCount
GetAspectRatioFilterEx
GetPolyFillMode
FillRgn
GetTextCharset
SetPixelFormat
GetNamedPipeClientProcessId
GetQueuedCompletionStatus
GlobalMemoryStatus
GetProcessAffinityMask
GetUserDefaultLangID
IsSystemResumeAutomatic
HeapUnlock
GetFileBandwidthReservation
FlsGetValue
SetEndOfFile
GetCommandLineA
SetMailslotInfo
StrFormatByteSizeW
RevertSecurityContext
SetFocus
HiliteMenuItem
IsWinEventHookInstalled
IsWindowVisible
IsZoomed
GetShellWindow
MonitorFromWindow
Number of PE resources by type
RT_STRING 7
RT_DIALOG 2
Number of PE resources by language
NEUTRAL 9
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2018:05:22 07:03:54+01:00
FileType Win32 EXE
PEType PE32
CodeSize 12288
LinkerVersion 10.0
FileTypeExtension exe
InitializedDataSize 0
SubsystemVersion 4.0
EntryPoint 0x155b
OSVersion 5.0
ImageVersion 0.0
UninitializedDataSize 143360
Compressed bundles
File identification
MD5 acbafa30cd4f4d9ba5c355a2f1f7a873
SHA1 3bd2d4485410a4661c02bfe0f844d6a7f8662b01
SHA256 018bdf316c3df6159ead770891d426155b7015dd14639577887b132c4f1c2ffe
ssdeep 3072:1fYCld0ZAxxBaiH1dmjq7T+QVn7PSv/GXaNFdlSH:BYCloAxR1dYqeQVn7PS2Xa
authentihash 48bd9988839e67a829109d0e43689421bb8d45801040c90d1a48b13d17b9b7db
imphash 5189056fc04bf764aedd1bf043e73484
File size 160.0 KB ( 163840 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-05-21 23:39:38 UTC ( 9 months ago )
Last submission 2018-05-26 02:35:04 UTC ( 8 months, 4 weeks ago )
File names 95796705.exe
9540433123.exe
26605464.exe
582576105.exe
234049736.exe