× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 15c69c0d3b4468663ec047ad2c3c389cc02de4bf6330aa37c462ed4b5c802ce1
File name: Attached_File_SCAN.exe
Detection ratio: 30 / 41
Analysis date: 2012-08-22 21:13:38 UTC ( 6 years, 9 months ago ) View latest
Antivirus Result Update
AntiVir TR/Spy.91136.130 20120822
Avast Win32:Crypt-NQY [Trj] 20120822
AVG Zbot.MO 20120822
BitDefender Gen:Heur.Conjar.9 20120822
Commtouch W32/Trojan3.DYX 20120822
Comodo UnclassifiedMalware 20120822
DrWeb Trojan.DownLoad3.12253 20120822
Emsisoft Trojan-Ransom.Win32.PornoAsset!IK 20120822
ESET-NOD32 Win32/Kryptik.AKOR 20120822
F-Prot W32/Trojan3.DYX 20120821
F-Secure Gen:Heur.Conjar.9 20120822
Fortinet W32/Yakes.AP!tr 20120822
GData Gen:Heur.Conjar.9 20120822
Jiangmin TrojanDownloader.Deliver.dh 20120822
K7AntiVirus Riskware 20120822
Kaspersky Trojan-Downloader.Win32.Deliver.st 20120822
McAfee PWS-Zbot.gen.ab 20120822
McAfee-GW-Edition Generic.dx!bfmx 20120822
Microsoft Worm:Win32/Cridex.E 20120822
Norman W32/Suspicious_Gen2.VILUW 20120822
nProtect Trojan/W32.Agent.91136.TI 20120822
Panda Generic Malware 20120822
PCTools Trojan.Generic 20120822
Sophos AV Troj/Bredo-ABP 20120822
Symantec Trojan Horse 20120822
TrendMicro TSPY_ZBOT.DAM 20120822
TrendMicro-HouseCall TSPY_ZBOT.DAM 20120822
VIPRE Trojan.Win32.Generic.pak!cobra 20120822
ViRobot Trojan.Win32.A.Downloader.91136.CJ 20120822
VirusBuster Trojan.Kryptik!nZACa6ySfss 20120822
Antiy-AVL 20120822
ByteHero 20120817
CAT-QuickHeal 20120822
ClamAV 20120822
eSafe 20120821
Ikarus 20120818
Rising 20120822
SUPERAntiSpyware 20120822
TheHacker 20120822
TotalDefense 20120822
VBA32 20120822
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-03-25 05:01:22
Entry Point 0x0000116A
Number of sections 6
PE sections
Number of PE resources by type
RT_ICON 3
RT_DIALOG 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

SubsystemVersion
5.1

MachineType
Intel 386 or later, and compatibles

TimeStamp
2011:03:25 06:01:22+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
0

LinkerVersion
18.18

FileTypeExtension
exe

InitializedDataSize
11264

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x116a

OSVersion
5.1

ImageVersion
0.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 41f6cd9df05fa7d880061651235d50e0
SHA1 bb41cfcb45aef36fc84bcd9d24f7218cac9be12c
SHA256 15c69c0d3b4468663ec047ad2c3c389cc02de4bf6330aa37c462ed4b5c802ce1
ssdeep
1536:TFIPnm6M7a72oATjOMko6/x1A3XAV914fo/b9t+ss3:ePnZqTjOMkp/VT14M+

authentihash 3d8f634106a8e06fdf102fa4783c69c018b70f42fb98e8eee8759fad5a8d966f
File size 89.0 KB ( 91136 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2012-08-20 15:49:23 UTC ( 6 years, 9 months ago )
Last submission 2018-08-30 11:28:32 UTC ( 8 months, 3 weeks ago )
File names 489654824
1345559176.Attached_File_SCAN2.exe
$RWAE403.ex_
Attached_File_SCAN.exe.virus
ups_id216114.exe.txt
41f6cd9df05fa7d880061651235d50e0.virobj
Attached_File_SCAN.exe
41f6cd9df05fa7d880061651235d50e0.bin
Attached_File_SCAN.exe-21aug12.txt
004203769
Attached_File_SCAN_1.exe
file
smona_15c69c0d3b4468663ec047ad2c3c389cc02de4bf6330aa37c462ed4b5c802ce1.bin
Attached_File_SCAN.exe
file-4397175_exe
aa
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!