× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1c42a869a886d90fb0dae82ee63c28f441607ddd7e578c17114969fe33f758eb
File name: 550cc5847beca8ef3d8b02d3ed2a4285.virus
Detection ratio: 10 / 70
Analysis date: 2019-01-10 17:56:33 UTC ( 1 month, 2 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMetagen [Malware] 20190110
AVG FileRepMetagen [Malware] 20190110
Avira (no cloud) TR/TrickBot.ikyxr 20190110
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20181023
Cylance Unsafe 20190110
ESET-NOD32 Win64/TrickBot.AQ 20190110
Fortinet W64/TrickBot.AQ!tr 20190110
Sophos ML heuristic 20181128
Palo Alto Networks (Known Signatures) generic.ml 20190110
Symantec Trojan.Gen.2 20190110
Acronis 20190110
Ad-Aware 20190110
AegisLab 20190110
AhnLab-V3 20190110
Alibaba 20180921
ALYac 20190110
Antiy-AVL 20190110
Arcabit 20190110
Avast-Mobile 20190110
Babable 20180918
Baidu 20190110
BitDefender 20190110
Bkav 20190108
CAT-QuickHeal 20190110
ClamAV 20190110
CMC 20190110
Comodo 20190110
Cybereason 20190109
Cyren 20190110
DrWeb 20190110
eGambit 20190110
Emsisoft 20190110
Endgame 20181108
F-Prot 20190110
F-Secure 20190110
GData 20190110
Ikarus 20190110
Jiangmin 20190110
K7AntiVirus 20190110
K7GW 20190110
Kaspersky 20190110
Kingsoft 20190110
Malwarebytes 20190110
MAX 20190110
McAfee 20190110
McAfee-GW-Edition 20190110
Microsoft 20190110
eScan 20190110
NANO-Antivirus 20190110
Panda 20190109
Qihoo-360 20190110
Rising 20190110
SentinelOne (Static ML) 20181223
Sophos AV 20190110
SUPERAntiSpyware 20190109
TACHYON 20190110
Tencent 20190110
TheHacker 20190106
TotalDefense 20190110
Trapmine 20190103
TrendMicro 20190110
TrendMicro-HouseCall 20190110
Trustlook 20190110
VBA32 20190110
ViRobot 20190110
Webroot 20190110
Yandex 20190110
Zillya 20190109
ZoneAlarm by Check Point 20190110
Zoner 20190110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
PE header basic information
Target machine x64
Compilation timestamp 2019-01-07 09:45:49
Entry Point 0x000113B5
Number of sections 4
PE sections
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
AMD AMD64

FileTypeExtension
exe

TimeStamp
2019:01:07 01:45:49-08:00

FileType
Win64 EXE

PEType
PE32+

CodeSize
95232

LinkerVersion
3.0

ImageFileCharacteristics
Executable, Large address aware

EntryPoint
0x113b5

InitializedDataSize
10240

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 550cc5847beca8ef3d8b02d3ed2a4285
SHA1 3a42d81e9d61ce18d93203a7cb2d2dd37b65bbf8
SHA256 1c42a869a886d90fb0dae82ee63c28f441607ddd7e578c17114969fe33f758eb
ssdeep
3072:G6oYMKkhzb0hWh0XlzNP7xXXe+pFvt0w:UfzowOpe2F10w

authentihash fb31c78d89e2c31216dc6e4145321491d9fe13ad941de440ed98ebb2d87d22d8
File size 105.0 KB ( 107520 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (GUI)

TrID Win16/32 Executable Delphi generic (25.5%)
OS/2 Executable (generic) (25.0%)
Generic Win/DOS Executable (24.7%)
DOS Executable Generic (24.6%)
Tags
64bits peexe

VirusTotal metadata
First submission 2019-01-10 17:56:33 UTC ( 1 month, 2 weeks ago )
Last submission 2019-01-10 17:56:33 UTC ( 1 month, 2 weeks ago )
File names 550cc5847beca8ef3d8b02d3ed2a4285.virus
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!