× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0e52a4b9abb88779b54807fdf163d1aa383b17edb3bcf0b0a66bcfa0b82edc52
File name: BandungCheater.zip
Detection ratio: 35 / 55
Analysis date: 2015-07-13 13:35:28 UTC ( 2 years, 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.14808438 20150713
Yandex Trojan.Agent!BShW2IGB2Y0 20150712
ALYac Trojan.Generic.14808438 20150713
Arcabit Trojan.Generic.DE1F576 20150713
Avast Win32:Malware-gen 20150713
AVG Generic13_c.ACNB 20150713
Avira (no cloud) TR/Black.Gen2 20150713
AVware Trojan.Win32.Generic!BT 20150713
Baidu-International PUA.Win32.VMProtect.AAH 20150713
BitDefender Trojan.Generic.14808438 20150713
Comodo TrojWare.Win32.Trojan.XPACK.Gen 20150713
Cyren W32/Trojan.CJYS-3151 20150713
Emsisoft Trojan.Generic.14808438 (B) 20150713
ESET-NOD32 a variant of Win32/Packed.VMProtect.AAH 20150713
F-Secure Trojan.Generic.14808438 20150713
Fortinet W32/Generic.A!tr 20150713
GData Trojan.Generic.14808438 20150713
Ikarus Trojan.Win32.VMProtect 20150713
K7AntiVirus Trojan ( 00006f8a1 ) 20150713
K7GW Trojan ( 00006f8a1 ) 20150713
Kaspersky HEUR:Trojan.Win32.Generic 20150713
McAfee RDN/Generic.dx!d2m 20150713
McAfee-GW-Edition RDN/Generic.dx!d2m 20150713
Microsoft VirTool:Win32/Obfuscator.XZ 20150713
eScan Trojan.Generic.14808438 20150713
NANO-Antivirus Trojan.Win32.Black.dtpcug 20150713
nProtect Trojan.Generic.14808438 20150710
Panda Generic Suspicious 20150713
Qihoo-360 HEUR/QVM36.0.Malware.Gen 20150713
Rising PE:Trojan.Win32.Generic.18D89998!416848280 20150713
Sophos AV Mal/VMProtBad-A 20150713
Symantec Packed.Vmpbad!gen4 20150713
TrendMicro TROJ_GE.2CA3B43D 20150713
TrendMicro-HouseCall TROJ_GE.2CA3B43D 20150713
VIPRE Trojan.Win32.Generic!BT 20150713
AegisLab 20150713
AhnLab-V3 20150713
Alibaba 20150713
Antiy-AVL 20150713
Bkav 20150713
ByteHero 20150713
CAT-QuickHeal 20150713
ClamAV 20150713
DrWeb 20150713
F-Prot 20150713
Jiangmin 20150710
Kingsoft 20150713
Malwarebytes 20150713
SUPERAntiSpyware 20150713
Tencent 20150713
TheHacker 20150713
VBA32 20150713
ViRobot 20150713
Zillya 20150713
Zoner 20150713
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
75264
Highest datetime
2015-07-13 19:33:08
Lowest datetime
2015-07-13 19:33:08
Contained files by extension
dll
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xff936e64

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
75264

ZipCompressedSize
68422

FileTypeExtension
zip

ZipFileName
BandungCheater.dll

ZipBitFlag
0

ZipModifyDate
2015:07:13 19:33:04

File identification
MD5 61660009701af7d34bf71ff924dfb3a0
SHA1 6535df4ff1084b2a27973d603e96b3b32943c786
SHA256 0e52a4b9abb88779b54807fdf163d1aa383b17edb3bcf0b0a66bcfa0b82edc52
ssdeep
1536:4wZvPXc6ImXIIFzCqgJ2LdDDdDHKF6i39pKDs6VDnJyasGnERMRk6IycDoP3j:pvvymXuDJuvtqFhtuJy2a7ycMvj

File size 67.0 KB ( 68592 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2015-07-13 13:35:28 UTC ( 2 years, 2 months ago )
Last submission 2015-07-13 13:35:28 UTC ( 2 years, 2 months ago )
File names BandungCheater.zip
bLbz2ho.rtf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!