SHA256: 17276889381199d2c7966e5a13438ef9c868d5131b438ed296418accb5aaa5f1
File name: google_update.exe-2017-11-29.162957.txt
Detection ratio: 7 / 68
Analysis date: 2017-12-16 17:48:25 UTC ( 1 year, 2 months ago )
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20171216
CAT-QuickHeal Trojan.Multi 20171216
Kaspersky Trojan.MSIL.Agent.fqhl 20171216
Tencent Msil.Trojan.Agent.Edxz 20171216
TrendMicro-HouseCall Suspicious_GEN.F47V1129 20171216
VBA32 Trojan.MSIL.Agent 20171215
ZoneAlarm by Check Point Trojan.MSIL.Agent.fqhl 20171216
Ad-Aware 20171216
AhnLab-V3 20171216
Alibaba 20171215
ALYac 20171216
Antiy-AVL 20171216
Arcabit 20171215
Avast 20171216
Avast-Mobile 20171216
AVG 20171216
Avira (no cloud) 20171216
AVware 20171216
Baidu 20171216
BitDefender 20171216
Bkav 20171216
ClamAV 20171216
CMC 20171216
Comodo 20171216
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171216
Cyren 20171216
DrWeb 20171216
eGambit 20171216
Emsisoft 20171216
Endgame 20171130
ESET-NOD32 20171216
F-Prot 20171216
F-Secure 20171216
Fortinet 20171216
GData 20171216
Ikarus 20171216
Sophos ML 20170914
Jiangmin 20171216
K7AntiVirus 20171216
K7GW 20171214
Kingsoft 20171216
Malwarebytes 20171216
MAX 20171216
McAfee 20171216
McAfee-GW-Edition 20171216
Microsoft 20171216
eScan 20171216
NANO-Antivirus 20171216
nProtect 20171216
Palo Alto Networks (Known Signatures) 20171216
Panda 20171216
Qihoo-360 20171216
Rising 20171216
SentinelOne (Static ML) 20171207
Sophos AV 20171216
SUPERAntiSpyware 20171216
Symantec 20171215
Symantec Mobile Insight 20171215
TheHacker 20171210
TotalDefense 20171216
TrendMicro 20171216
Trustlook 20171216
VIPRE 20171216
ViRobot 20171216
Webroot 20171216
WhiteArmor 20171204
Yandex 20171216
Zillya 20171214
Zoner 20171216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © Microsoft 2016
Product WindowsApplication1
Original name google update.exe
Internal name google update.exe
File version 1.0.0.0
Description WindowsApplication1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-23 23:10:07
Entry Point 0x00003DBE
Number of sections 4
.NET details
Module Version ID 5182257d-fade-4b70-98a8-0c061cb8fde4
TypeLib ID ea46523e-e256-4649-be07-ad9d510708de
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
ProductName WindowsApplication1
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 19968
FileTypeExtension exe
OriginalFileName google update.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.0.0
TimeStamp 2017:02:24 00:10:07+01:00
FileType Win32 EXE
PEType PE32
InternalName google update.exe
ProductVersion 1.0.0.0
FileDescription WindowsApplication1
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright Microsoft 2016
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft
CodeSize 7680
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0x3dbe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0
File identification
MD5 8f7bc3437b64a056a860def231afae55
SHA1 c19f2d5feeb88a9f716a65c6f536fd251718a718
SHA256 17276889381199d2c7966e5a13438ef9c868d5131b438ed296418accb5aaa5f1
ssdeep 192:DhLBmCOcNLZ8onzzhnZmanloYk4PNIDLRWXE+ZSe7WSn1D3JojJ/MkRwugl/AtF:NLECOoztZe4V+LRP0F7WSB3JA/JRsRA
authentihash a0ede5cf61ef6bbdcd2437d67ec0445f0c514fe503a2b750a9b186fb349bae76
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 28.0 KB ( 28672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags peexe assembly
VirusTotal metadata
First submission 2017-04-09 19:12:47 UTC ( 1 year, 10 months ago )
Last submission 2018-04-02 12:32:14 UTC ( 10 months, 3 weeks ago )
File names google update.exe
google update.exe
google update.exe
output.113045303.txt
google%20update.exe
google_update.exe-2017-11-29.162957.txt
google update.exe
Behaviour characterization
Zemana dll-injection