× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1d7fd34dad7696fb745d81aaf62d03261a9c550eb56e3d215b5d150ba46e23c6
File name: Boleto_Negociacao.zip
Detection ratio: 13 / 43
Analysis date: 2012-11-05 17:01:55 UTC ( 1 year, 5 months ago ) View latest
Antivirus Result Update
BitDefender Gen:Variant.Symmi.2669 20121105
Commtouch W32/Banload.A.gen!Eldorado 20121105
ESET-NOD32 a variant of Win32/TrojanDownloader.Banload.RNP 20121105
Emsisoft Gen:Variant.Symmi.1430 (B) 20121105
F-Prot W32/Banload.A.gen!Eldorado 20121104
F-Secure Gen:Variant.Symmi.2669 20121105
GData Gen:Variant.Symmi.2669 20121105
Ikarus Trojan-Spy.Win32.Banker.JU 20121105
K7AntiVirus Trojan-Downloader 20121105
MicroWorld-eScan Gen:Variant.Symmi.2669 20121105
Microsoft Trojan:Win32/Balisdat.gen!B 20121105
Rising Trojan.Balisdat!4297 20121105
Sophos Mal/Bancos-BM 20121105
AVG 20121105
Agnitum 20121105
AhnLab-V3 20121105
AntiVir 20121105
Antiy-AVL 20121105
Avast 20121105
ByteHero 20121102
CAT-QuickHeal 20121105
ClamAV 20121105
Comodo 20121105
DrWeb 20121105
Fortinet 20121105
Jiangmin 20121105
Kaspersky 20121105
Kingsoft 20121105
McAfee 20121105
McAfee-GW-Edition 20121105
Norman 20121105
Panda 20121105
SUPERAntiSpyware 20121105
Symantec 20121105
TheHacker 20121104
TotalDefense 20121105
TrendMicro 20121105
TrendMicro-HouseCall 20121105
VBA32 20121105
VIPRE 20121105
ViRobot 20121105
eSafe 20121104
nProtect 20121105
File identification
MD5 83be7ee2350d480cb6941189c8a38a00
SHA1 b159783df37c00c1cbc832773841a0ccae8a9e6a
SHA256 1d7fd34dad7696fb745d81aaf62d03261a9c550eb56e3d215b5d150ba46e23c6
ssdeep
12288:s/YkkwqKRufaqaiNIIB2Mfawty/j5EnuBO1QtSDxM:sAhvKRcaiSIB2TwQ/j5xBSq

File size 391.8 KB ( 401186 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
zip upx

VirusTotal metadata
First submission 2012-11-05 17:01:55 UTC ( 1 year, 5 months ago )
Last submission 2012-11-13 21:46:16 UTC ( 1 year, 5 months ago )
File names Boleto_Negociacao.zip
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/index.php?s=pua&lang=en .

Symantec reputation Suspicious.Insight
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x9c1ece19

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
411136

ZipCompressedSize
401046

ZipFileName
Boleto_Negociacao.cpl

ZipBitFlag
0

ZipModifyDate
2012:10:31 21:39:20

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!