× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1951272460f1a3f18d876183c60168da206bc18b05681edfc5f327925425c85d
File name: 3022b146b34dde5f81e8eaf46c22e046
Detection ratio: 18 / 66
Analysis date: 2018-03-25 19:02:54 UTC ( 8 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.279594 20180325
ALYac Gen:Variant.Zusy.279594 20180325
Arcabit Trojan.Zusy.D4442A 20180325
Avira (no cloud) TR/Crypt.XPACK.Gen2 20180325
BitDefender Gen:Variant.Zusy.279594 20180325
Cylance Unsafe 20180325
Emsisoft Gen:Variant.Zusy.279594 (B) 20180325
ESET-NOD32 a variant of Win32/Kryptik.GEOY 20180325
F-Secure Gen:Variant.Zusy.279594 20180325
GData Gen:Variant.Zusy.279594 20180325
Sophos ML heuristic 20180121
Kaspersky HEUR:Trojan.Win32.Generic 20180325
MAX malware (ai score=86) 20180325
eScan Gen:Variant.Zusy.279594 20180325
NANO-Antivirus Virus.Win32.Gen.ccmw 20180325
Qihoo-360 HEUR/QVM20.1.107E.Malware.Gen 20180325
Sophos AV Mal/Behav-238 20180325
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180325
AegisLab 20180325
AhnLab-V3 20180325
Alibaba 20180323
Antiy-AVL 20180325
Avast 20180325
Avast-Mobile 20180325
AVG 20180325
AVware 20180325
Baidu 20180323
Bkav 20180325
CAT-QuickHeal 20180325
ClamAV 20180325
CMC 20180325
Comodo 20180325
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cyren 20180325
DrWeb 20180325
eGambit 20180325
Endgame 20180316
F-Prot 20180325
Fortinet 20180325
Ikarus 20180325
Jiangmin 20180325
K7AntiVirus 20180325
K7GW 20180325
Kingsoft 20180325
Malwarebytes 20180325
McAfee 20180325
McAfee-GW-Edition 20180325
Microsoft 20180325
nProtect 20180325
Palo Alto Networks (Known Signatures) 20180325
Panda 20180325
Rising 20180325
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180325
Symantec 20180324
Symantec Mobile Insight 20180311
Tencent 20180325
TheHacker 20180319
TotalDefense 20180325
TrendMicro 20180325
TrendMicro-HouseCall 20180325
Trustlook 20180325
VBA32 20180323
VIPRE 20180325
ViRobot 20180325
WhiteArmor 20180324
Yandex 20180324
Zillya 20180323
Zoner 20180325
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-08 12:35:43
Entry Point 0x00001341
Number of sections 4
PE sections
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2017:11:08 13:35:43+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
20992

LinkerVersion
14.0

FileTypeExtension
exe

InitializedDataSize
1536

SubsystemVersion
5.1

EntryPoint
0x1341

OSVersion
5.1

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 3022b146b34dde5f81e8eaf46c22e046
SHA1 e99514dc0d1000faa23aaa8ea057b42ab6b69be0
SHA256 1951272460f1a3f18d876183c60168da206bc18b05681edfc5f327925425c85d
ssdeep
384:PFrnY0BaW4CRisrlrHnFB8S8UftI3ojN6xhvncNjt0vFTwdIIhU/aER8SFsTGkYf:Pl1aW4Wnlrl/TfjN6f0NjtUFcdgqS4Gx

authentihash 3652a546780e0f7c3d590fb8a4d4b7388b76cdd12b47fa755b34f76e3f55812f
File size 23.0 KB ( 23552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-03-25 19:02:54 UTC ( 8 months, 2 weeks ago )
Last submission 2018-03-25 19:02:54 UTC ( 8 months, 2 weeks ago )
File names 3022b146b34dde5f81e8eaf46c22e046
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.