SHA256: 148a3961e6e5b70d24e9b00a2c2969c0a3d7b76429af20e3ec17194b8096310f
File name: 7078b26afc8614bdd4ebab2bdd0ced60.virus
Detection ratio: 51 / 64
Analysis date: 2018-07-04 20:21:16 UTC ( 7 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Win32.VJadtre.3 20180704
AegisLab W32.Nimnul.m1R5 20180704
AhnLab-V3 Win32/VJadtre.Gen 20180704
ALYac Win32.VJadtre.3 20180704
Antiy-AVL Virus/Win32.Nimnul.f 20180704
Avast Win32:Malware-gen 20180704
AVG Win32:Malware-gen 20180704
Avira (no cloud) W32/Jadtre.B 20180704
AVware Virus.Win32.Small.acea (v) 20180704
Baidu Win32.Virus.Otwycal.d 20180704
BitDefender Win32.VJadtre.3 20180704
Bkav W32.FamVT.DumpModuleInfectiousNME.PE 20180704
CAT-QuickHeal W32.Nimnul.F1 20180704
ClamAV Win.Trojan.Downloader-64720 20180704
Comodo Virus.Win32.Wali.KA 20180704
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.afc861 20180225
Cyren W32/PatchLoad.E 20180704
DrWeb Trojan.Emotet.240 20180704
Emsisoft Trojan.Emotet (A) 20180704
Endgame malicious (high confidence) 20180612
ESET-NOD32 Win32/Wapomi.BA 20180704
F-Prot W32/PatchLoad.E 20180704
F-Secure Win32.VJadtre.3 20180704
Fortinet W32/Nimnul.F 20180704
GData Win32.Virus.Wapomi.A 20180704
Ikarus Trojan-Downloader.Win32.Small 20180704
Sophos ML heuristic 20180601
K7AntiVirus Virus ( 0040f7441 ) 20180704
K7GW Virus ( 0040f7441 ) 20180704
Kaspersky Virus.Win32.Nimnul.f 20180704
MAX malware (ai score=89) 20180704
McAfee W32/Kudj 20180704
McAfee-GW-Edition BehavesLike.Win32.Pate.ch 20180704
Microsoft Virus:Win32/Mikcer.B 20180704
eScan Win32.VJadtre.3 20180704
NANO-Antivirus Trojan.Win32.Banload.cstqaj 20180704
Panda W32/Pcarrier.A 20180704
Qihoo-360 Virus.Win32.Agent.P 20180704
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV W32/Nimnul-A 20180704
Symantec W32.Wapomi.C!inf 20180704
TACHYON Virus/W32.Ramnit.C 20180704
Tencent Virus.Win32.Loader.aab 20180704
TotalDefense Win32/Nimnul.A 20180704
VBA32 Virus.Nimnul.19209 20180704
VIPRE Virus.Win32.Small.acea (v) 20180704
ViRobot Win32.Ramnit.F 20180704
Zillya Virus.Nimnul.Win32.5 20180704
ZoneAlarm by Check Point Virus.Win32.Nimnul.f 20180704
Zoner Win32.Wapomi.A 20180704
Arcabit 20180704
Avast-Mobile 20180704
Babable 20180406
CMC 20180704
eGambit 20180704
Jiangmin 20180704
Kingsoft 20180704
Malwarebytes 20180704
Palo Alto Networks (Known Signatures) 20180704
SUPERAntiSpyware 20180704
TheHacker 20180628
Trustlook 20180704
Webroot 20180704
Yandex 20180704
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-06-17 17:53:43
Entry Point 0x0001F000
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorDacl
GetServiceKeyNameW
GetNumberOfEventLogRecords
StartServiceCtrlDispatcherA
GetEventLogInformation
GetPaletteEntries
GetRasterizerCaps
GetLastError
GetCurrentProcess
_lclose
ApplicationRecoveryFinished
GetFileSize
SetConsoleDisplayMode
GetNumberOfConsoleInputEvents
CloseHandle
GetSystemTimeAsFileTime
GetProcessIoCounters
NdrClientInitializeNew
PathGetDriveNumberA
GetClipboardViewer
GetDoubleClickTime
IsWindowVisible
IsWindowUnicode
GetMessageTime
SetClipboardViewer
SCardGetCardTypeProviderNameW
Number of PE resources by type
RT_BITMAP 3
RT_STRING 3
Number of PE resources by language
NEUTRAL 5
NEUTRAL DEFAULT 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2014:06:17 18:53:43+01:00
FileType Win32 EXE
PEType PE32
CodeSize 45056
LinkerVersion 12.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x1f000
InitializedDataSize 0
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 53248

File identification
MD5 7078b26afc8614bdd4ebab2bdd0ced60
SHA1 8b5a562e182cb812b32e2e026c56225d65ddbc10
SHA256 148a3961e6e5b70d24e9b00a2c2969c0a3d7b76429af20e3ec17194b8096310f
ssdeep 3072:Kzq33333333333333333333333333333333333333333333333333333xi/hMRNC:6q333333333333333333333333333337

authentihash 5bb6db687ed4c4d8882d053b3d4d0a3628b01e8f989e565575d721999e3409d0
imphash 36f81ca8de9b7685c745e84aa8fc0832
File size 140.0 KB ( 143360 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (64.5%)
Win32 Dynamic Link Library (generic) (13.6%)
Win32 Executable (generic) (9.3%)
OS/2 Executable (generic) (4.1%)
Generic Win/DOS Executable (4.1%)
Tags peexe

VirusTotal metadata
First submission 2018-07-04 20:21:16 UTC ( 7 months, 3 weeks ago )
Last submission 2018-10-25 17:44:06 UTC ( 3 months, 4 weeks ago )
File names 7078b26afc8614bdd4ebab2bdd0ced60.virus
7078b26afc8614bdd4ebab2bdd0ced60.vir
7078b26afc8614bdd4ebab2bdd0ced60.virobj