SHA256: 13f088b07a4cd3e9c69090cd4c5a78a1db59487b5f0963d1276b2219aaa84432
File name: zbetcheckin_tracker_tolleu.exe
Detection ratio: 32 / 70
Analysis date: 2018-12-15 13:23:21 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Graftor.532604 20181215
ALYac Gen:Variant.Graftor.532604 20181215
Antiy-AVL Trojan[Spy]/Win32.Stealer 20181215
Arcabit Trojan.Graftor.D8207C 20181215
Avast Win32:Trojan-gen 20181215
AVG Win32:Trojan-gen 20181215
Avira (no cloud) TR/Dropper.Gen 20181215
BitDefender Gen:Variant.Graftor.532604 20181215
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.675e8b 20180225
Cylance Unsafe 20181215
Cyren W32/Mikey.ULIV-1904 20181215
Emsisoft Gen:Variant.Graftor.532604 (B) 20181215
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Generik.MQFVJSF 20181215
F-Prot W32/Mikey.AN 20181215
F-Secure Gen:Variant.Graftor.532604 20181215
Fortinet W32/Generic.AC.42FF82 20181215
GData Gen:Variant.Graftor.532604 20181215
Kaspersky Trojan-PSW.Win32.Fareit.eqyb 20181215
MAX malware (ai score=81) 20181215
McAfee GenericRXGQ-VY!CF3E112675E8 20181215
Microsoft Trojan:Win32/Fuerboos.A!cl 20181215
eScan Gen:Variant.Graftor.532604 20181215
NANO-Antivirus Virus.Win32.Gen.ccmw 20181215
Qihoo-360 HEUR/QVM20.1.E1F1.Malware.Gen 20181215
Rising Spyware.Stealer!8.3090 (TFE:dGZlOgQZ17JP2Rbe1g) 20181215
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181215
Trapmine malicious.moderate.ml.score 20181205
VBA32 Heur.Trojan.Hlux 20181214
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181215
AegisLab 20181214
AhnLab-V3 20181214
Alibaba 20180921
Avast-Mobile 20181215
Babable 20180918
Baidu 20181207
Bkav 20181214
CAT-QuickHeal 20181215
ClamAV 20181215
CMC 20181215
Comodo 20181215
DrWeb 20181215
eGambit 20181215
Ikarus 20181215
Sophos ML 20181128
Jiangmin 20181215
K7AntiVirus 20181215
K7GW 20181215
Kingsoft 20181215
Malwarebytes 20181215
McAfee-GW-Edition 20181215
Palo Alto Networks (Known Signatures) 20181215
Panda 20181215
Sophos AV 20181215
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181214
Tencent 20181215
TheHacker 20181213
TotalDefense 20181215
TrendMicro 20181215
TrendMicro-HouseCall 20181215
Trustlook 20181215
VIPRE 20181215
ViRobot 20181214
Webroot 20181215
Yandex 20181214
Zillya 20181213
Zoner 20181215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-18 12:40:03
Entry Point 0x00001252
Number of sections 2
PE sections
Number of PE resources by type
RT_RCDATA 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:11:18 13:40:03+01:00
FileType Win32 EXE
PEType PE32
CodeSize 1536
LinkerVersion 9.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x1252
InitializedDataSize 717824
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0
File identification
MD5 cf3e112675e8b3da6e5c2464c79b42b6
SHA1 dbf668256c850133b0e80d20149835af1fdaf6ef
SHA256 13f088b07a4cd3e9c69090cd4c5a78a1db59487b5f0963d1276b2219aaa84432
ssdeep 12288:6Ho5SbkgR31RdmYtNj8PjJCNZnRjaqXbQEsmmKhVqcApD7avodDHmcsLtXJHb:+zlR9YLJCBXb9pp+zJ7NpGcsLtXJHb
authentihash e0e32a16087e83ec579d0fe39527410f9411fb486dd61ad8e0d80dec8cd53f3d
File size 703.0 KB ( 719872 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags peexe
VirusTotal metadata
First submission 2018-12-15 13:23:21 UTC ( 3 months, 1 week ago )
Last submission 2018-12-15 15:04:03 UTC ( 3 months, 1 week ago )
File names zbetcheckin_tracker_tolleu.exe
output.114722428.txt
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Created processes
Opened mutexes
Runtime DLLs