SHA256: 0a0818d1893eb92fb6535408d5a9b482960b62629492962f688917c9206d79f3
File name: 20151029__ebay_591278156712819_291015.zip
Detection ratio: 45 / 55
Analysis date: 2016-02-29 16:05:39 UTC ( 1 year ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2834675 20160229
AegisLab Troj.Downloader.W32.Upatre!c 20160229
Yandex Trojan.DL.Upatre! 20160228
ALYac Trojan.GenericKD.2834675 20160229
Antiy-AVL Trojan[Downloader]/Win32.Upatre 20160229
Arcabit Trojan.Generic.D2B40F3 20160229
Avast Win32:Malware-gen 20160229
AVG FakeAlert 20160229
Avira (no cloud) TR/Crypt.ZPACK.197920 20160229
AVware Trojan.Win32.Generic!BT 20160229
Baidu-International Trojan.Win32.Upatre.fggk 20160229
BitDefender Trojan.GenericKD.2834675 20160229
CAT-QuickHeal TrojanDownloader.Upatre.A4 20160229
Comodo UnclassifiedMalware 20160229
Cyren W32/Trojan.OLUL-1643 20160229
Emsisoft Trojan.GenericKD.2834675 (B) 20160229
ESET-NOD32 Win32/TrojanDownloader.Waski.A 20160229
F-Prot W32/Trojan3.SGH 20160229
F-Secure Trojan.GenericKD.2834675 20160229
Fortinet W32/Monlin.6773!tr 20160229
GData Trojan.GenericKD.2834675 20160229
Ikarus Trojan.Injector 20160229
Jiangmin TrojanDownloader.Upatre.abcs 20160229
K7AntiVirus Trojan ( 004d56831 ) 20160229
K7GW Trojan ( 004d56831 ) 20160229
Kaspersky Trojan-Downloader.Win32.Upatre.fggk 20160229
Malwarebytes Trojan.Upatre 20160229
McAfee Generic.xk 20160229
McAfee-GW-Edition BehavesLike.PWSZbot.nc 20160229
Microsoft TrojanDownloader:Win32/Upatre 20160229
eScan Trojan.GenericKD.2834675 20160229
NANO-Antivirus Trojan.Win32.Injector.eahzik 20160229
nProtect Trojan.GenericKD.2834675 20160229
Panda Trj/WLT.B 20160228
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160225
Sophos Mal/Dyreza-AB 20160229
Tencent Win32.Trojan.Fakedoc.Auto 20160229
TheHacker Trojan/Downloader.Waski.a 20160227
TrendMicro TROJ_UP.499FE308 20160229
TrendMicro-HouseCall TROJ_UP.499FE308 20160229
VBA32 TrojanDownloader.Upatre 20160229
VIPRE Trojan.Win32.Generic!BT 20160229
ViRobot Trojan.Win32.S.Upatre.38326[h] 20160229
Zillya Trojan.Kryptik.Win32.816557 20160227
Zoner Trojan.Upatre 20160229
AhnLab-V3 20160229
Alibaba 20160229
Bkav 20160229
ByteHero 20160229
ClamAV 20160229
CMC 20160225
DrWeb 20160229
Qihoo-360 20160229
SUPERAntiSpyware 20160229
Symantec 20160228
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 1
Uncompressed size: 65024
Highest datetime: 2015-10-29 01:50:46
Lowest datetime: 2015-10-29 01:50:46
Contained files by extension
exe: 1
Contained files by type
Portable Executable: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0xfbe187d4
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 65024
ZipCompressedSize: 38130
FileTypeExtension: zip
ZipFileName: ebay_591278156712819_291015.exe
ZipBitFlag: 0
ZipModifyDate: 2015:10:29 01:50:23

Compressed bundles
File identification
MD5 7fae7c851327f82ac8326a718d2b33db
SHA1 69c0ee75229baae5b9c7206c42e6e8407124acf1
SHA256 0a0818d1893eb92fb6535408d5a9b482960b62629492962f688917c9206d79f3
ssdeep 768:DK5UaIoZzH+1Sm6E1UvVGSm9/VZNotmFbWbv7E2FwDdwNRgQj1Pmf:GTNZze1SHPMSm9fN3IpMa3xq

File size 37.4 KB ( 38326 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe attachment zip

VirusTotal metadata
First submission 2015-10-29 10:25:21 UTC ( 1 year, 5 months ago )
Last submission 2016-02-29 16:05:39 UTC ( 1 year ago )
File names 2918fb5f0fb601396de951fc9c16c098
20151029__ebay_591278156712819_291015.zip
b521064d53db4b49a110afa9112651e8
ebay_591278156712819_291015.zip
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V1029.
