× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 04ab7621d575ed755f8c353986a4e79fad2e52d9023545a2120f356fc1e779da
File name: cmdutils.zip
Detection ratio: 11 / 51
Analysis date: 2014-05-25 07:05:49 UTC ( 1 year, 1 month ago ) View latest
Antivirus Result Update
AntiVir Joke/BadJoke.MovingMouse.V.1 20140524
Baidu-International Trojan.Win32.BadJoke.ANaT 20140524
ClamAV Win.Trojan.Badjoke-17 20140525
Comodo ApplicUnsaf.Win32.Hoax.BadJoke.MovingMouse.v 20140524
Jiangmin Hoax.BadJoke.bd 20140525
Kingsoft VIRUS_UNKNOWN 20140525
NANO-Antivirus Riskware.Win32.Finger.lsxdb 20140525
Panda Trj/Downloader.MDW 20140524
TheHacker Adware/BadJoke.MovingMouse.v 20140525
VIPRE Trojan.Win32.Generic!BT 20140525
ViRobot Hoax.BadJoke.161162 20140524
AVG 20140525
Ad-Aware 20140525
AegisLab 20140525
Agnitum 20140524
AhnLab-V3 20140524
Antiy-AVL 20140525
Avast 20140525
BitDefender 20140525
Bkav 20140523
ByteHero 20140525
CAT-QuickHeal 20140524
CMC 20140525
Commtouch 20140525
DrWeb 20140525
ESET-NOD32 20140524
Emsisoft 20140525
F-Prot 20140525
F-Secure 20140525
Fortinet 20140525
GData 20140525
Ikarus 20140525
K7AntiVirus 20140523
K7GW 20140523
Kaspersky 20140525
Malwarebytes 20140525
McAfee 20140525
McAfee-GW-Edition 20140525
MicroWorld-eScan 20140525
Microsoft 20140525
Norman 20140525
Qihoo-360 20140525
Rising 20140524
SUPERAntiSpyware 20140524
Sophos 20140525
Symantec 20140525
Tencent 20140515
TotalDefense 20140525
TrendMicro 20140525
TrendMicro-HouseCall 20140525
VBA32 20140523
Zillya 20140524
nProtect 20140523
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
14
Uncompressed size
444908
Highest datetime
2004-11-26 13:20:14
Lowest datetime
1996-07-18 19:20:44
Contained files by extension
EXE
6
exe
6
htm
1
jpg
1
Contained files by type
Portable Executable
12
unknown
1
JPG
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xe1727a24

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
37376

ZipCompressedSize
15529

FileTypeExtension
zip

ZipFileName
WHICH.EXE

ZipBitFlag
0

ZipModifyDate
2001:03:09 20:33:17

File identification
MD5 776b72a0027a9f957067da0c23b14f65
SHA1 ee31491a90de0d054ada7d8bd18986ab88812ea1
SHA256 04ab7621d575ed755f8c353986a4e79fad2e52d9023545a2120f356fc1e779da
ssdeep
3072:1hdJdWS0RVWZwoPu7JZbgjJ1XZGTjV8B9/6bdGo0IvXsqbfRSKd/+qs:DduVWZ3ubAJ9Zs29/6B0IvcqcKd/+qs

File size 157.4 KB ( 161162 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2008-01-31 20:30:52 UTC ( 7 years, 5 months ago )
Last submission 2014-12-03 08:18:00 UTC ( 7 months ago )
File names 776b72a0027a9f957067da0c23b14f65
ee31491a90de0d054ada7d8bd18986ab88812ea1.bin
cmdutils.zip
file-860080_zip
file-7018650_zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!