× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 16005b1781b0ceca92cb7f80e3e10f5718c93f67f642447309a9179d30beb285
File name: Terminal_Chat.exe
Detection ratio: 1 / 54
Analysis date: 2016-12-25 19:22:24 UTC ( 10 months ago ) View latest
Antivirus Result Update
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20161225
Ad-Aware 20161225
AegisLab 20161225
AhnLab-V3 20161225
Alibaba 20161223
ALYac 20161225
Antiy-AVL 20161225
Arcabit 20161225
Avast 20161225
AVG 20161225
Avira (no cloud) 20161225
AVware 20161225
Baidu 20161207
BitDefender 20161225
Bkav 20161224
CAT-QuickHeal 20161224
ClamAV 20161225
CMC 20161225
Comodo 20161225
CrowdStrike Falcon (ML) 20161024
Cyren 20161225
DrWeb 20161225
ESET-NOD32 20161225
F-Prot 20161225
F-Secure 20161225
Fortinet 20161225
GData 20161225
Ikarus 20161225
Sophos ML 20161216
Jiangmin 20161225
K7AntiVirus 20161225
K7GW 20161225
Kaspersky 20161225
Kingsoft 20161225
Malwarebytes 20161225
McAfee 20161225
McAfee-GW-Edition 20161225
Microsoft 20161225
eScan 20161225
NANO-Antivirus 20161225
nProtect 20161225
Panda 20161225
Rising 20161225
Sophos AV 20161225
SUPERAntiSpyware 20161225
Symantec 20161225
Tencent 20161225
TheHacker 20161222
TrendMicro 20161225
TrendMicro-HouseCall 20161225
Trustlook 20161225
VBA32 20161223
VIPRE 20161225
ViRobot 20161225
WhiteArmor 20161221
Yandex 20161225
Zillya 20161223
Zoner 20161225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft 2016

Product Test_Linux1
Original name Test_Linux1.exe
Internal name Test_Linux1.exe
File version 1.0.0.0
Description Test_Linux1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-12-25 19:03:19
Entry Point 0x000044FE
Number of sections 3
.NET details
Module Version ID cc9dc191-f79e-435d-9547-4c0b6cf5d4c3
TypeLib ID e5776483-68e7-4c9b-b697-85ccd7851ca4
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 12
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

InitializedDataSize
166400

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
11.0

EntryPoint
0x44fe

OriginalFileName
Test_Linux1.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2016

FileVersion
1.0.0.0

TimeStamp
2016:12:25 20:03:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Test_Linux1.exe

ProductVersion
1.0.0.0

FileDescription
Test_Linux1

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
9728

ProductName
Test_Linux1

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 cd286ec15a3868bae4f1c206ff009fee
SHA1 7e0fd586e4e58e459b3a02bbb8c7b9a7ad178a26
SHA256 16005b1781b0ceca92cb7f80e3e10f5718c93f67f642447309a9179d30beb285
ssdeep
384:jlX7AN73/m1qQc+6EjZ/3XLcg5ndqHqyyyyyyyyyyyyyyyyyhxyyyMW2N:5kNIZjZ/nndqHX

authentihash adbd15d84b9eb641f18b7428b004eeb4f6f8fdb15072d1c3aef79e986d5a99b4
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 172.5 KB ( 176640 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-12-25 19:22:24 UTC ( 10 months ago )
Last submission 2016-12-25 19:22:24 UTC ( 10 months ago )
File names Test_Linux1.exe
Terminal_Chat.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!