× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 16b07f5b24c2c38ea4340db51d71870f3424a6e763a5e534e846c86390e6229b
File name: test.exe
Detection ratio: 17 / 67
Analysis date: 2018-10-29 00:03:31 UTC ( 4 months, 3 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20181029
AVG FileRepMalware 20181029
CrowdStrike Falcon (ML) malicious_confidence_80% (W) 20181022
Cylance Unsafe 20181029
ESET-NOD32 a variant of MSIL/Kryptik.PYP 20181028
Fortinet MSIL/Kryptik.PYI!tr 20181028
Sophos ML heuristic 20180717
Kaspersky HEUR:Trojan-Spy.MSIL.Agent.gen 20181028
McAfee GenericRXGN-UW!D1BF8A970610 20181028
McAfee-GW-Edition BehavesLike.Win32.Generic.hh 20181028
Microsoft VirTool:MSIL/CryptInject.AB!MTB 20181028
Palo Alto Networks (Known Signatures) generic.ml 20181029
Qihoo-360 Win32/Trojan.Spy.b3d 20181029
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181028
TrendMicro-HouseCall TROJ_GEN.R002C0DJS18 20181029
ZoneAlarm by Check Point HEUR:Trojan-Spy.MSIL.Agent.gen 20181028
Ad-Aware 20181028
AegisLab 20181028
AhnLab-V3 20181028
Alibaba 20180921
ALYac 20181028
Antiy-AVL 20181028
Arcabit 20181029
Avast-Mobile 20181028
Avira (no cloud) 20181028
Babable 20180918
Baidu 20181026
BitDefender 20181028
Bkav 20181025
CAT-QuickHeal 20181028
ClamAV 20181028
CMC 20181028
Cybereason 20180225
Cyren 20181028
DrWeb 20181028
eGambit 20181029
Emsisoft 20181028
Endgame 20180730
F-Prot 20181028
F-Secure 20181028
GData 20181028
Ikarus 20181028
Jiangmin 20181028
K7AntiVirus 20181028
K7GW 20181025
Kingsoft 20181029
Malwarebytes 20181028
MAX 20181029
eScan 20181028
NANO-Antivirus 20181028
Panda 20181028
Rising 20181028
Sophos AV 20181029
SUPERAntiSpyware 20181022
Symantec Mobile Insight 20181026
TACHYON 20181028
Tencent 20181029
TheHacker 20181025
TotalDefense 20181028
TrendMicro 20181028
VBA32 20181026
VIPRE 20181027
ViRobot 20181028
Webroot 20181029
Yandex 20181026
Zillya 20181028
Zoner 20181029
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2008 - 2018. All rights reserved.

Product Microsoft
Original name test.exe
Internal name test.exe
File version 1.0.0.8
Description Invoice
Comments Invoice
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-08-26 14:05:03
Entry Point 0x00095B8E
Number of sections 3
.NET details
Module Version ID 104a4513-6cc6-4cfc-aa0e-f31f3a84608a
TypeLib ID 2893fbc9-de49-4b16-af99-198508b4c890
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Invoice

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.8

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Invoice

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
2048

EntryPoint
0x95b8e

OriginalFileName
test.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2008 - 2018. All rights reserved.

FileVersion
1.0.0.8

TimeStamp
2003:08:26 16:05:03+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
test.exe

ProductVersion
1.0.0.8

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
605184

ProductName
Microsoft

ProductVersionNumber
1.0.0.8

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 d1bf8a970610264b4958834bb0129c7f
SHA1 9a6ef6d999095e320a97cb1208337dface34b986
SHA256 16b07f5b24c2c38ea4340db51d71870f3424a6e763a5e534e846c86390e6229b
ssdeep
6144:KaSrBvqUZ2YmLwE7yZZdyUYu1I9GlXOB0NB/Tn1HQrWp9VPlrUKKpYsCPKxFfD7Q:aB1I9GlRn1HVVPJJskK7DiB9ae

authentihash 02dad4e6ac016231225bf2e4087717ad31ebef7d49c8ffe6538f60892acdd482
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 593.5 KB ( 607744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-10-28 21:04:12 UTC ( 4 months, 3 weeks ago )
Last submission 2018-11-08 08:41:50 UTC ( 4 months, 1 week ago )
File names d1bf8a970610264b4958834bb0129c7f
test.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!