× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 12fb846c442fa350176029ac013d951ab7e7afa3bf944f2752c0ec66c142b99e
File name: VirusShare_e905f8949918c9fbebaf42d1e821fe6e
Detection ratio: 54 / 68
Analysis date: 2018-07-26 05:13:37 UTC ( 8 months, 4 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Dropper.ZomJoiner.2.5 20180726
AegisLab Trojan.Win32.AVKill.4!c 20180726
AhnLab-V3 Trojan/Win32.Agent.R99589 20180725
ALYac Trojan.Dropper.ZomJoiner.2.5 20180726
Antiy-AVL Trojan/Win32.AVKill 20180726
Arcabit Trojan.Dropper.ZomJoiner.2.5 20180726
Avast Win32:Malware-gen 20180726
AVG Win32:Malware-gen 20180726
Avira (no cloud) HEUR/AGEN.1010095 20180725
AVware Trojan.Win32.Generic.pak!cobra 20180726
BitDefender Trojan.Dropper.ZomJoiner.2.5 20180726
CAT-QuickHeal Trojan.Avkill.7393 20180725
ClamAV Win.Trojan.Killav-22 20180726
CMC Generic.Win32.e905f89499!MD 20180725
Comodo TrojWare.Win32.Trojan.XPACK.Gen 20180726
Cybereason malicious.49918c 20180225
Cylance Unsafe 20180726
Cyren W32/Risk.PASH-1095 20180726
DrWeb Trojan.ZJoiner 20180726
Emsisoft Trojan.Dropper.ZomJoiner.2.5 (B) 20180726
ESET-NOD32 Win32/TrojanDropper.ZomJoiner.25 20180726
F-Prot W32/Dropper.AEHC 20180726
F-Secure Trojan.Dropper.ZomJoiner.2.5 20180726
Fortinet W32/Multidr.25!tr 20180726
GData Trojan.Dropper.ZomJoiner.2.5 20180726
Ikarus Trojan.Win32.KillAV.GN 20180725
Jiangmin TrojanDropper.ZomJoiner.25 20180726
K7AntiVirus Trojan ( 004fdb4a1 ) 20180725
K7GW Trojan ( 004fdb4a1 ) 20180726
Kaspersky Trojan.Win32.AVKill.c 20180726
MAX malware (ai score=100) 20180726
McAfee MultiDropper-DN.cfg 20180726
McAfee-GW-Edition MultiDropper-DN.cfg 20180726
eScan Trojan.Dropper.ZomJoiner.2.5 20180726
NANO-Antivirus Trojan.Win32.AVKill.gxtt 20180726
Palo Alto Networks (Known Signatures) generic.ml 20180726
Panda Trojan Horse 20180725
Qihoo-360 Malware.Radar01.Gen 20180726
Rising Dropper.ZomJoiner!8.2A59 (CLOUD) 20180726
Sophos AV Troj/AVKill-C 20180726
Symantec Trojan.Dropper 20180726
TACHYON Trojan-Dropper/W32.ZomJoiner.28672.B 20180726
Tencent Win32.Trojan.Avkill.Airl 20180726
TheHacker Trojan/Hami 20180726
TotalDefense Win32/Zombie.25 20180722
TrendMicro TROJ_GEN.R002C0CLQ17 20180726
TrendMicro-HouseCall TROJ_GEN.R002C0CLQ17 20180726
VBA32 Trojan.AVKill 20180725
VIPRE Trojan.Win32.Generic.pak!cobra 20180726
ViRobot Dropper.ZomJoiner.28672 20180725
Webroot W32.Trojan.Trojan-dropper.Gen.X 20180726
Yandex Trojan.DR.ZomJoiner!jx7BlKQ1LCc 20180725
Zillya Dropper.ZomJoiner.Win32.47 20180725
ZoneAlarm by Check Point Trojan.Win32.AVKill.c 20180726
Alibaba 20180713
Avast-Mobile 20180725
Babable 20180725
Baidu 20180726
Bkav 20180725
CrowdStrike Falcon (ML) 20180723
eGambit 20180726
Endgame 20180711
Sophos ML 20180717
Kingsoft 20180726
Malwarebytes 20180726
Microsoft 20180726
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180726
Trustlook 20180726
Zoner 20180725
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2003 zombie@freenet.am

Product JOINER
Original name joiner.exe
Internal name JOINER 2
File version 2.5
Description Joins 2 files into 1 exe file
Comments visit homepage for latest undetectable version
Packers identified
Command UPX
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-01-17 10:18:27
Entry Point 0x00012790
Number of sections 3
PE sections
PE imports
CreateSolidBrush
LoadLibraryA
ExitProcess
GetProcAddress
Ord(1576)
??Bios@@QBEPAXXZ
ShellExecuteA
IsIconic
Number of PE resources by type
RT_DIALOG 2
RT_ICON 2
RT_GROUP_ICON 2
RT_EXE 1
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
RUSSIAN 8
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
visit homepage for latest undetectable version

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.0.0

LanguageCode
English (British)

FileFlagsMask
0x003f

FileDescription
Joins 2 files into 1 exe file

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
8192

EntryPoint
0x12790

OriginalFileName
joiner.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2003 zombie@freenet.am

FileVersion
2.5

TimeStamp
2003:01:17 11:18:27+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
JOINER 2

ProductVersion
2.5

UninitializedDataSize
49152

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
http://freenet.am/~zombie

CodeSize
24576

ProductName
JOINER

ProductVersionNumber
2.5.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 e905f8949918c9fbebaf42d1e821fe6e
SHA1 8d9e64744a0047f8b52f09845590812f951507eb
SHA256 12fb846c442fa350176029ac013d951ab7e7afa3bf944f2752c0ec66c142b99e
ssdeep
768:NUaWLij4KHA/jed1kW+AzK0P4TDWGpeL82SXXWz:OaWLW9KWXzrwTSGcpSWz

authentihash f117d4838f56a9dc0e8bd252eda5bc7e4dc75e898e46f6c8c2d7f0fef8f98c37
imphash 39bbbc64a676514c7b00dd2de0afa2b6
File size 28.0 KB ( 28672 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe upx

VirusTotal metadata
First submission 2006-08-07 16:44:17 UTC ( 12 years, 8 months ago )
Last submission 2018-07-26 05:13:37 UTC ( 8 months, 4 weeks ago )
File names VirusShare_e905f8949918c9fbebaf42d1e821fe6e
VirusShare_e905f8949918c9fbebaf42d1e821fe6e
e905f8949918c9fbebaf42d1e821fe6e8d9e64744a0047f8b52f09845590812f951507eb28672.exe
8d9e64744a0047f8b52f09845590812f951507eb.bin
Joiner 2.5.exe
E905F8949918C9FBEBAF42D1E821FE6E
file-3636965_exe
smona132245435409242055577
e905f8949918c9fbebaf42d1e821fe6e
VirusShare_e905f8949918c9fbebaf42d1e821fe6e
Trojan-Dropper.Win32.ZomJoiner.25
joiner.exe
e905f8949918c9fbebaf42d1e821fe6e.exe
Trojan-Dropper.Win32.ZomJoiner.25.exe
test.txt
JOINER 2
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047C0CLC15.

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!