SHA256: 1741ce8020c987da0eb90ddb766ce8636c4e6ab0c31ba1810c0ff7964c78526a
File name: Apollo_x64.exe
Detection ratio: 44 / 70
Analysis date: 2018-12-23 23:03:58 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Mikey.87960 20181223
AhnLab-V3 Malware/Win64.Generic.C2652775 20181223
ALYac Gen:Variant.Mikey.87960 20181223
Antiy-AVL Trojan/Win32.AGeneric 20181223
Arcabit Trojan.Mikey.D15798 20181223
Avast Win64:MalwareX-gen [Trj] 20181223
AVG Win64:MalwareX-gen [Trj] 20181223
Avira (no cloud) TR/CoinMiner.sylwv 20181223
BitDefender Gen:Variant.Mikey.87960 20181223
CAT-QuickHeal Trojan.IGENERIC 20181223
Comodo Malware@#3bgvm61te0pfd 20181223
CrowdStrike Falcon (ML) malicious_confidence_80% (W) 20181022
Cylance Unsafe 20181224
Cyren W64/Trojan.WHCN-7843 20181223
Emsisoft Gen:Variant.Mikey.87960 (B) 20181223
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win64/CoinMiner.NI 20181223
F-Prot W64/CoinMiner.Y.gen!Eldorado 20181223
F-Secure Gen:Variant.Mikey.87960 20181223
Fortinet W64/CoinMiner.NI!tr 20181223
GData Gen:Variant.Mikey.87960 20181223
Ikarus Trojan.Win64.CoinMiner 20181223
Sophos ML heuristic 20181128
Jiangmin Trojan.Generic.cosey 20181223
K7AntiVirus Trojan ( 0053c2b91 ) 20181223
K7GW Trojan ( 0053c2b91 ) 20181223
Kaspersky HEUR:Trojan.Win32.Generic 20181223
MAX malware (ai score=83) 20181224
McAfee RDN/Generic.dx 20181223
McAfee-GW-Edition RDN/Generic.dx 20181223
Microsoft Trojan:Win64/CoinMiner.RC!bit 20181223
eScan Gen:Variant.Mikey.87960 20181223
Palo Alto Networks (Known Signatures) generic.ml 20181224
Panda Trj/CI.A 20181223
Qihoo-360 Win32/Trojan.fe1 20181224
Rising Trojan.CoinMiner!8.30A (CLOUD) 20181223
Sophos AV Mal/Generic-S 20181223
Symantec Trojan Horse 20181222
Tencent Win32.Trojan.Generic.Pcsf 20181224
TrendMicro TROJ_GEN.R002C0DHS18 20181223
TrendMicro-HouseCall Coinminer.Win64.MALXMR.SMAG 20181223
Webroot W32.Adware.Gen 20181224
Yandex Trojan.Agent!vCEHh5XJ5wo 20181223
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181223
Acronis 20181222
AegisLab 20181223
Alibaba 20180921
Avast-Mobile 20181223
Babable 20180918
Baidu 20181207
Bkav 20181221
ClamAV 20181223
CMC 20181223
Cybereason 20180225
DrWeb 20181223
eGambit 20181224
Kingsoft 20181224
Malwarebytes 20181223
NANO-Antivirus 20181223
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TACHYON 20181223
TheHacker 20181220
TotalDefense 20181223
Trapmine 20181205
Trustlook 20181224
VBA32 20181222
ViRobot 20181223
Zillya 20181222
Zoner 20181223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2018-08-26 17:12:03
Entry Point 0x00014F28
Number of sections 5
PE sections
PE imports
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
GetStdHandle
ReleaseMutex
WaitForSingleObject
GetProcessId
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
FreeEnvironmentStringsW
InitializeSListHead
GetThreadContext
SetStdHandle
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetExitCodeProcess
OutputDebugStringW
FindClose
TlsGetValue
SetLastError
GetSystemTime
IsDebuggerPresent
ExitProcess
GetModuleFileNameA
FreeLibrary
RtlVirtualUnwind
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
CreateMutexA
CreateThread
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
SetEnvironmentVariableA
TerminateProcess
GetModuleHandleExW
SetEndOfFile
GetCurrentThreadId
WriteConsoleW
CreateToolhelp32Snapshot
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
OpenProcess
GetOEMCP
QueryPerformanceCounter
TlsAlloc
FlushFileBuffers
Process32Next
RtlPcToFileHeader
Process32First
CreateDirectoryA
GetStartupInfoW
GetProcAddress
GetProcessHeap
CompareStringW
FindFirstFileExA
RtlLookupFunctionEntry
FindNextFileA
RtlUnwindEx
ReadConsoleW
CreateFileW
GetConsoleWindow
CopyFileA
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
SystemTimeToFileTime
LCMapStringW
GetSystemInfo
GetConsoleCP
GetEnvironmentStringsW
GetCurrentProcessId
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
ReadFile
RtlCaptureContext
CloseHandle
OpenMutexW
GetACP
GetModuleHandleW
GetFileAttributesExW
CreateProcessA
IsValidCodePage
Sleep
GetModuleFileNameExA
ShellExecuteA
PathFileExistsA
GetWindowThreadProcessId
GetWindowTextLengthA
GetForegroundWindow
EnumDisplayDevicesA
MessageBoxA
GetWindowTextA
ShowWindow
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetCheckConnectionA
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows command line
MachineType AMD AMD64
FileTypeExtension exe
TimeStamp 2018:08:26 18:12:03+01:00
FileType Win64 EXE
PEType PE32+
CodeSize 163840
LinkerVersion 14.14
ImageFileCharacteristics No relocs, Executable, Large address aware
EntryPoint 0x14f28
InitializedDataSize 63488
SubsystemVersion 5.2
ImageVersion 0.0
OSVersion 5.2
UninitializedDataSize 0

File identification
MD5 b339af3732fdbad8409df8fb57bb6eea
SHA1 b658136434f0bd112200528958bb1eb1776b3616
SHA256 1741ce8020c987da0eb90ddb766ce8636c4e6ab0c31ba1810c0ff7964c78526a
ssdeep 3072:dOA79ctFgBqK+PD7Y6cvXgTWcH+wQrBxbEo+PzqMHgn4:4iggsK+PDsMCoirrQHHU4
authentihash 1d1b8320d336898ca53a7465b759cdd95924748321a84848f3218c218b7ca835
imphash f81d05191616ceed6482e7c88f4e7151
File size 216.0 KB ( 221184 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (console) Mono/.Net assembly
TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
Tags 64bits peexe assembly
VirusTotal metadata
First submission 2018-08-28 10:08:58 UTC ( 5 months, 3 weeks ago )
Last submission 2018-08-28 10:08:58 UTC ( 5 months, 3 weeks ago )
File names Apollo_x64.exe