× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0537cb4ee775f0e6b4679889db6186b032018e9882a7b2d5474728f7559e6cd7
File name: 439606
Detection ratio: 11 / 55
Analysis date: 2016-02-08 23:54:15 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
Antiy-AVL Trojan/Win32.SGeneric 20160208
CAT-QuickHeal Hoax.BadJoke.MovingMouse.bj.n4 (Not a Virus) 20160208
Comodo UnclassifiedMalware 20160208
Jiangmin Trojan/BCB.an 20160208
McAfee Artemis!F2D49BD2C6D8 20160208
McAfee-GW-Edition Artemis!F2D49BD2C6D8 20160208
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160208
Sophos AV Generic PUA JH (PUA) 20160208
TheHacker Adware/BadJoke.MovingMouse.aj 20160208
VIPRE Hoax.Win32.BadJoke.MovingMouse (not malicious) 20160208
ViRobot Hoax.BadJoke.20480.J[h] 20160209
Ad-Aware 20160209
AegisLab 20160208
Yandex 20160206
AhnLab-V3 20160208
Alibaba 20160204
ALYac 20160209
Arcabit 20160209
Avast 20160209
AVG 20160209
Avira (no cloud) 20160209
Baidu-International 20160208
BitDefender 20160209
Bkav 20160204
ByteHero 20160209
ClamAV 20160208
CMC 20160205
Cyren 20160209
DrWeb 20160209
Emsisoft 20160208
ESET-NOD32 20160208
F-Prot 20160129
F-Secure 20160208
Fortinet 20160208
GData 20160208
Ikarus 20160208
K7AntiVirus 20160208
K7GW 20160208
Kaspersky 20160208
Malwarebytes 20160208
Microsoft 20160208
eScan 20160208
NANO-Antivirus 20160208
nProtect 20160205
Panda 20160208
Qihoo-360 20160209
SUPERAntiSpyware 20160208
Symantec 20160208
Tencent 20160209
TotalDefense 20160208
TrendMicro 20160208
TrendMicro-HouseCall 20160208
VBA32 20160208
Zillya 20160208
Zoner 20160208
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
The file under inspection contains at least one ELF file.
Contained files
Compression metadata
Contained files
1918
Uncompressed size
5621754
Highest datetime
2009-07-31 13:29:28
Lowest datetime
2002-04-01 22:28:02
Contained files by extension
pl
421
al
229
pm
169
bs
23
so
13
dll
11
exp
10
ix
6
txt
2
pod
2
a
1
ld
1
exe
1
inf
1
Contained files by type
unknown
872
directory
100
ELF
14
Portable Executable
12
script
2
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xe98c3a26

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
1088

ZipCompressedSize
588

FileTypeExtension
zip

ZipFileName
autorun

ZipBitFlag
0

ZipModifyDate
2009:07:31 13:29:28

File identification
MD5 90984552574274a64053fcdf3e9408ed
SHA1 c75885f6e941f5229bb7f2cb360a603ef25cf0e9
SHA256 0537cb4ee775f0e6b4679889db6186b032018e9882a7b2d5474728f7559e6cd7
ssdeep
98304:AKMZG66x0c34EGcZvT1j+A94Nhr5Jo42TQAGLUNajNn:A1Gp0cBGcxTx+A8x5yxp/ajNn

File size 4.4 MB ( 4653552 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID Mozilla Archive Format (gen) (58.3%)
ZIP compressed archive (33.3%)
PrintFox/Pagefox bitmap (var. P) (8.3%)
Tags
contains-pe zip contains-elf

VirusTotal metadata
First submission 2010-04-01 16:01:00 UTC ( 9 years ago )
Last submission 2018-05-22 01:46:23 UTC ( 11 months ago )
File names ws-cd.zip
Vx5ebHo.drv
439606
1340683432-ws-cd.zip
hhPffNe.gif
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspici.826AD580.

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!