× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0f14c079dbff7119f123adb0042296558abeb6700e3db0930e90bd8bc63db603
File name: setup.exe
Detection ratio: 33 / 68
Analysis date: 2018-01-12 19:08:27 UTC ( 1 year, 3 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.82468 20180112
AegisLab Uds.Dangerousobject.Multi!c 20180112
ALYac Gen:Variant.Symmi.82468 20180112
Arcabit Trojan.Symmi.D14224 20180112
Avast Win32:Malware-gen 20180112
AVG Win32:Malware-gen 20180112
Avira (no cloud) TR/Dropper.VB.aatgl 20180112
BitDefender Gen:Variant.Symmi.82468 20180112
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cybereason malicious.5342a4 20171103
Cylance Unsafe 20180112
Emsisoft Gen:Variant.Symmi.82468 (B) 20180112
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/Injector.DVAQ 20180112
F-Secure Gen:Variant.Symmi.82468 20180112
Fortinet W32/GenKryptik.BLOQ!tr 20180112
GData Gen:Variant.Symmi.82468 20180112
Ikarus Trojan.Win32.Injector 20180112
Sophos ML heuristic 20170914
K7AntiVirus NetWorm ( 700000151 ) 20180112
K7GW NetWorm ( 700000151 ) 20180112
Kaspersky Trojan.Win32.Mansabo.apn 20180112
MAX malware (ai score=94) 20180112
McAfee GenericR-LKA!223AB3E5BAE6 20180112
McAfee-GW-Edition BehavesLike.Win32.VBObfus.gc 20180112
eScan Gen:Variant.Symmi.82468 20180112
Panda Trj/Agent.DCA 20180112
SentinelOne (Static ML) static engine - malicious 20171224
Sophos AV Mal/Generic-S 20180112
Symantec Trojan.Gen.2 20180112
TrendMicro-HouseCall Suspicious_GEN.F47V0112 20180112
VIPRE Trojan.Win32.Generic!BT 20180112
ZoneAlarm by Check Point Trojan.Win32.Mansabo.apn 20180112
AhnLab-V3 20180112
Alibaba 20180112
Antiy-AVL 20180112
Avast-Mobile 20180112
AVware 20180103
Baidu 20180112
Bkav 20180112
CAT-QuickHeal 20180112
ClamAV 20180112
CMC 20180111
Comodo 20180112
Cyren 20180112
DrWeb 20180112
eGambit 20180112
F-Prot 20180112
Jiangmin 20180112
Kingsoft 20180112
Malwarebytes 20180112
Microsoft 20180112
NANO-Antivirus 20180112
nProtect 20180112
Palo Alto Networks (Known Signatures) 20180112
Qihoo-360 20180112
Rising 20180112
SUPERAntiSpyware 20180112
Symantec Mobile Insight 20180112
Tencent 20180112
TheHacker 20180112
TotalDefense 20180112
TrendMicro 20180112
Trustlook 20180112
VBA32 20180112
ViRobot 20180112
Webroot 20180112
WhiteArmor 20180110
Yandex 20180112
Zillya 20180112
Zoner 20180112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
DisplayPort and HDMI

Product Air-Jokey
Original name Air-Jokey.exe
Internal name Air-Jokey
File version 1.00.0031
Description Borderless QHD display with unique design. With an ultra-slim profile and stylish metallic base
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-01-11 09:54:33
Entry Point 0x0000115C
Number of sections 3
PE sections
PE imports
EVENT_SINK_QueryInterface
Ord(645)
Ord(537)
Ord(648)
Ord(516)
Ord(661)
Ord(689)
EVENT_SINK_AddRef
Ord(650)
Ord(611)
Ord(300)
Ord(600)
__vbaExceptHandler
Ord(632)
MethCallEngine
DllFunctionCall
Ord(100)
Ord(599)
Ord(608)
Ord(594)
Ord(519)
Ord(571)
Ord(573)
ProcCallEngine
Ord(606)
EVENT_SINK_Release
Ord(595)
Ord(617)
Ord(593)
Ord(306)
Ord(644)
Ord(631)
Ord(546)
Ord(598)
Number of PE resources by type
RT_ICON 1
RT_STRING 1
RKJNAB59FVU 1
MNSJCASBF1 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 2
NEUTRAL 2
GERMAN LUXEMBOURG 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
319488

ImageVersion
1.0

ProductName
Air-Jokey

FileVersionNumber
1.0.0.31

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
Air-Jokey.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.00.0031

TimeStamp
2018:01:11 10:54:33+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Air-Jokey

ProductVersion
1.00.0031

FileDescription
Borderless QHD display with unique design. With an ultra-slim profile and stylish metallic base

OSVersion
4.0

FileOS
Win32

LegalCopyright
DisplayPort and HDMI

MachineType
Intel 386 or later, and compatibles

CodeSize
126976

FileSubtype
0

ProductVersionNumber
1.0.0.31

EntryPoint
0x115c

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 223ab3e5bae65edf8fd5564b0b3befec
SHA1 abc55935342a461827130849408572214ee7e8b1
SHA256 0f14c079dbff7119f123adb0042296558abeb6700e3db0930e90bd8bc63db603
ssdeep
6144:VicAgVHCjAn7d5UH0JpOTjCzmLofQFFobHFvptq06D6mQTEEaNeIw42/4Px0lCNB:sTjufcFwHFvptUD6mQIFe6+cT

authentihash 48ff0ae0239604e96f1c3ee6ae71ea38f4044252944afdedcc72d9e54d2e0486
imphash 940948617570eb13f3a1ddc2ed3d1ef2
File size 440.0 KB ( 450560 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (88.6%)
Win32 Executable (generic) (4.8%)
OS/2 Executable (generic) (2.1%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-01-12 04:53:42 UTC ( 1 year, 3 months ago )
Last submission 2018-01-15 03:15:28 UTC ( 1 year, 3 months ago )
File names Air-Jokey
setup.exe
Air-Jokey.exe
1024-abc55935342a461827130849408572214ee7e8b1
jomangi1.png
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!