SHA256: 03964c2de75958db04691ea96d83729f097403c8fde8d905fe0d19b09326c60e
File name: Remit_desktopsvcs.com.zip
Detection ratio: 49 / 62
Analysis date: 2017-11-12 01:58:07 UTC ( 1 year ago )
Antivirus Result Update
AegisLab Troj.PSW32.W.Tepfer.hqvu!c 20171112
AhnLab-V3 Win-Trojan/Pws-tepfer.97792 20171111
ALYac Trojan.Generic.KD.922626 20171110
Antiy-AVL Trojan[PSW]/Win32.Tepfer 20171112
Arcabit Trojan.Generic.KD.DE1402 20171110
Avast Win32:Malware-gen 20171112
AVG Win32:Malware-gen 20171112
Avira (no cloud) TR/PSW.Fareit.C.414 20171111
AVware Win32.Malware!Drop 20171111
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9972 20171109
BitDefender Trojan.Generic.KD.922626 20171111
CAT-QuickHeal Trojan.Pony.mue 20171111
ClamAV Win.Trojan.Tepfer-277 20171111
Comodo UnclassifiedMalware 20171112
Cylance Unsafe 20171112
Cyren W32/Trojan.UREX-1864 20171112
DrWeb Trojan.PWS.Stealer.1932 20171111
Emsisoft Trojan.Generic.KD.922626 (B) 20171111
ESET-NOD32 Win32/PSW.Fareit.A 20171111
F-Prot W32/Trojan3.FAJ 20171112
Fortinet W32/Tepfer.HQVU!tr 20171112
GData Trojan.Generic.KD.922626 20171112
Ikarus Trojan-PSW.Win32.Tepfer 20171111
Sophos ML heuristic 20170914
Jiangmin Trojan/PSW.Tepfer.axjk 20171110
K7AntiVirus Password-Stealer ( 0040f2b61 ) 20171111
K7GW Password-Stealer ( 0040f2b61 ) 20171112
Kaspersky Trojan-PSW.Win32.Tepfer.hqvu 20171112
Kingsoft VIRUS_UNKNOWN 20171112
Malwarebytes Trojan.Agent.RVGen4X 20171112
MAX malware (ai score=89) 20171112
McAfee Generic.pc 20171112
McAfee-GW-Edition Generic.pc 20171112
Microsoft PWS:Win32/Fareit 20171112
NANO-Antivirus Trojan.Win32.Tepfer.cqjryj 20171112
Panda Trj/Agent.IVN 20171111
Qihoo-360 Win32/Trojan.PSW.07a 20171112
Sophos AV Troj/Agent-AAZA 20171112
Symantec SecurityRisk.gen1 20171111
Tencent Win32.Init.QQRob.cyvt 20171112
TotalDefense Win32/Fareit.PR 20171111
TrendMicro TSPY_TEPFER.ARX 20171112
TrendMicro-HouseCall TSPY_TEPFER.ARX 20171111
VBA32 BScope.Malware-Cryptor.8413 20171110
VIPRE Win32.Malware!Drop 20171112
ViRobot Trojan.Win32.PSW-Tepfer.97792 20171111
Yandex Trojan.PWS.Tepfer!4Dhtx4AUcoA 20171110
ZoneAlarm by Check Point Trojan-PSW.Win32.Tepfer.hqvu 20171112
Zoner Trojan.Fareit.A 20171112
Ad-Aware 20171112
Alibaba 20170911
Avast-Mobile 20171111
Bkav 20171111
CMC 20171109
CrowdStrike Falcon (ML) 20171016
Cybereason 20171030
eGambit 20171112
Endgame 20171024
eScan 20171112
nProtect 20171112
Palo Alto Networks (Known Signatures) 20171112
Rising 20171112
SentinelOne (Static ML) 20171019
SUPERAntiSpyware 20171111
Symantec Mobile Insight 20171110
TheHacker 20171102
Trustlook 20171112
WhiteArmor 20171104
Zillya 20171110
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
97792
Highest datetime
2013-04-01 12:45:20
Lowest datetime
2013-04-01 12:45:20
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x128b3c8e

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
97792

ZipCompressedSize
92604

FileTypeExtension
zip

ZipFileName
Last month remit.exe

ZipBitFlag
0

ZipModifyDate
2013:04:01 12:45:10

File identification
MD5 cae5a7ff7836f959b63cf1d7208b7b21
SHA1 2ad76aa6328501c52bebf2ebc370f52f6fdb8699
SHA256 03964c2de75958db04691ea96d83729f097403c8fde8d905fe0d19b09326c60e
ssdeep
1536:gbsu7O4MJrxEh4gk7KfnO8Umx55QVrR0j8/nuabjV5R61zRVOVCqAkbrFw9vk6aI:tu7O5YYG1TQVqcuabj/M1zKpA6rFwpRp

File size 90.6 KB ( 92778 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe upx attachment zip

VirusTotal metadata
First submission 2013-04-01 10:50:00 UTC ( 5 years, 7 months ago )
Last submission 2013-05-31 03:29:43 UTC ( 5 years, 5 months ago )
File names Remit_vereduscorp.com.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight