SHA256: 11ad68f1a43d8ef18cb1a60b93af0da4e7280b12f5e48c16bb8e06798cfb1063
File name: 11ad68f1a43d8ef18cb1a60b93af0da4e7280b12f5e48c16bb8e06798cfb1063
Detection ratio: 42 / 55
Analysis date: 2016-07-21 10:06:34 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Ad-Aware Generic.Malware.GH.11DFAF18 20160721
AegisLab Troj.Ransom.W32!c 20160721
AhnLab-V3 Trojan/Win32.Crypt.N2000059939 20160721
ALYac Generic.Malware.GH.11DFAF18 20160721
Antiy-AVL Trojan[:HEUR]/Win32.AGeneric 20160721
Arcabit Generic.Malware.GH.11DFAF18 20160721
Avast Win32:Mischa-A [Trj] 20160721
AVG FileCryptor.LCN 20160721
Avira (no cloud) TR/Graftor.uotz 20160721
AVware Trojan.Win32.Generic!BT 20160721
Baidu Win32.Trojan.WisdomEyes.151026.9950.9999 20160721
BitDefender Generic.Malware.GH.11DFAF18 20160721
CAT-QuickHeal TrojanRansom.Mikhail.r4 20160721
ClamAV Win.Malware.Mischa-1 20160721
Cyren W32/Trojan.MRZL-2741 20160721
DrWeb Trojan.Encoder.4543 20160721
Emsisoft Generic.Malware.GH.11DFAF18 (B) 20160721
ESET-NOD32 Win32/Filecoder.Mischa.A 20160721
F-Secure Generic.Malware.GH.11DFAF18 20160721
Fortinet W32/Generic.AP.3505650!tr 20160721
GData Generic.Malware.GH.11DFAF18 20160721
Ikarus Trojan.Win32.Filecoder 20160721
Jiangmin Trojan.Generic.yica 20160721
K7AntiVirus Trojan ( 004ef5b91 ) 20160721
K7GW Trojan ( 004ef5b91 ) 20160721
Kaspersky Trojan-Ransom.Win32.Mikhail.a 20160721
Malwarebytes Ransom.Mischa 20160721
McAfee RDN/Ransom 20160721
McAfee-GW-Edition BehavesLike.Win32.Miuref.mh 20160721
Microsoft Ransom:Win32/Mischa.A 20160721
eScan Generic.Malware.GH.11DFAF18 20160721
NANO-Antivirus Trojan.Win32.Encoder.edlweh 20160721
Panda Trj/CI.A 20160720
Qihoo-360 HEUR/QVM40.1.Malware.Gen 20160721
Sophos AV Mal/Generic-S 20160721
Symantec Trojan Horse 20160721
Tencent Win32.Trojan.Mikhail.Dxda 20160721
TrendMicro-HouseCall Ransom_MISCHA.SM 20160721
VIPRE Trojan.Win32.Generic!BT 20160721
ViRobot Trojan.Win32.Petya.22016[h] 20160721
Yandex Trojan.Mikhail! 20160717
Zillya Trojan.Mikhail.Win32.2 20160720
Alibaba 20160721
Bkav 20160720
CMC 20160715
Comodo 20160721
F-Prot 20160721
Kingsoft 20160721
nProtect 20160721
SUPERAntiSpyware 20160721
TheHacker 20160720
TotalDefense 20160721
TrendMicro 20160721
VBA32 20160720
Zoner 20160721
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-05-09 14:34:54
Entry Point 0x00004110
Number of sections 4
PE sections
PE imports
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
FindNextFileA
GetLastError
MoveFileA
HeapFree
GetFileSizeEx
lstrcmpiA
GetLogicalDriveStringsA
GetFileAttributesA
FindClose
WaitForSingleObject
GetDriveTypeA
CreateEventA
WriteFile
FindFirstFileA
ReadFile
CreateFileA
HeapAlloc
GetProcessHeap
CloseHandle
PE exports
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2016:05:09 15:34:54+01:00
FileType Win32 DLL
PEType PE32
CodeSize 13312
LinkerVersion 12.0
EntryPoint 0x4110
InitializedDataSize 16384
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 10b2d20a3c36fe6a5bf6f3b15149c3d1
SHA1 d6c9397775bdca08d918897d3dd5bc47da3333d4
SHA256 11ad68f1a43d8ef18cb1a60b93af0da4e7280b12f5e48c16bb8e06798cfb1063
ssdeep 384:zV5KJyZfOM6RzrCMxOwqga2XSDCEbvHggLJrceOhlrtKT2s:yA/61CMkhvkSGEb/JJc0x
authentihash 67caa2bbe0541c8f47df276346103c48b61c6d1ee04348866ad2f5c236a2cb18
imphash eb03f5f29b1d80478c8f6a9270f84dce
File size 21.5 KB ( 22016 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags pedll

VirusTotal metadata
First submission 2016-05-13 13:53:30 UTC ( 2 years, 8 months ago )
Last submission 2016-07-21 10:06:34 UTC ( 2 years, 5 months ago )
File names 11ad68f1a43d8ef18cb1a60b93af0da4e7280b12f5e48c16bb8e06798cfb1063
mischa2.dll