× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1d16fbd6b47365be41541a90753d712533e1767c3d4897d2a803a11defc9af3d
File name: 79e1c84a891e48dd36e2133a80814896597db59d2dd8f896e4b6f824dd4122c24...
Detection ratio: 0 / 63
Analysis date: 2018-01-05 04:19:50 UTC ( 5 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware 20171225
AegisLab 20180105
AhnLab-V3 20180104
Alibaba 20180105
ALYac 20180105
Antiy-AVL 20180103
Arcabit 20180105
Avast 20180105
Avast-Mobile 20180104
AVG 20180105
Avira (no cloud) 20180105
AVware 20180103
Baidu 20180104
BitDefender 20180105
Bkav 20180104
CAT-QuickHeal 20180104
ClamAV 20180104
CMC 20180104
Comodo 20180105
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180105
Cyren 20180105
DrWeb 20180105
eGambit 20180105
Emsisoft 20180105
Endgame 20171130
ESET-NOD32 20180105
F-Prot 20180105
F-Secure 20180105
Fortinet 20180105
GData 20180105
Ikarus 20180104
Sophos ML 20170914
Jiangmin 20180105
K7AntiVirus 20180105
K7GW 20180104
Kaspersky 20180105
Kingsoft 20180105
Malwarebytes 20180105
MAX 20180105
McAfee 20180102
McAfee-GW-Edition 20180105
Microsoft 20180104
eScan 20180105
NANO-Antivirus 20180105
nProtect 20180105
Palo Alto Networks (Known Signatures) 20180105
Panda 20180104
Qihoo-360 20180105
Rising 20180105
SentinelOne (Static ML) 20171224
Sophos AV 20180105
SUPERAntiSpyware 20180105
Symantec 20180105
Tencent 20180105
TheHacker 20180103
TotalDefense 20180104
TrendMicro 20180105
TrendMicro-HouseCall 20180105
Trustlook 20180105
VBA32 20180104
VIPRE 20180105
ViRobot 20180105
Webroot 20180105
WhiteArmor 20171226
Yandex 20171229
Zillya 20180104
ZoneAlarm by Check Point 20180105
Zoner 20180105
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
9193160
Highest datetime
2013-08-01 00:51:18
Lowest datetime
2013-08-01 00:51:18
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xeed1c895

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
9193160

ZipCompressedSize
9163238

FileTypeExtension
zip

ZipFileName
DoroSetup.exe

ZipBitFlag
0

ZipModifyDate
2013:08:01 00:51:09

File identification
MD5 ce3e89a01f9b0dde2e8a8d6d662537bb
SHA1 b3b8463d5435a7b4504f03476921dd51a8ab4d01
SHA256 1d16fbd6b47365be41541a90753d712533e1767c3d4897d2a803a11defc9af3d
ssdeep
196608:2L13nf+ApqICYA2i+7XrkBzbcKku5sMvPXfyUDe8Tlf9EpnSC6fZKUh6Y:K3f7VCDzzbmSXXfyUCcfunSXKyL

File size 8.7 MB ( 9163398 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip software-collection

VirusTotal metadata
First submission 2013-08-01 05:54:03 UTC ( 4 years, 10 months ago )
Last submission 2016-10-30 06:57:45 UTC ( 1 year, 7 months ago )
File names DoropdfSetup.zip
doro-pdf-writer-1-85-en-win.zip
DoroSetup.zip
DoroSetup.zip
79e1c84a891e48dd36e2133a80814896597db59d2dd8f896e4b6f824dd4122c249fa8a18a45b37be2a0499d092175ab79c71d08e6e1249499ee74fdbf5c92429
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!