SHA256: 1df4d4b68ddb2b438bdf3d3c19c317ae5fb2b15af5610ef781abf5329450374e
File name: a937b808651c5278b0d41a24db7db03c.vir
Detection ratio: 54 / 69
Analysis date: 2018-10-04 09:09:07 UTC ( 2 weeks, 4 days ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.355383 20181004
AegisLab Worm.MSIL.Agent.lmXx 20181004
AhnLab-V3 Trojan/Win32.Kryptik.R230865 20181004
ALYac Spyware.AgentTesla 20181004
Antiy-AVL Trojan/Win32.Occamy 20181004
Arcabit Trojan.Razy.D56C37 20181004
Avast Win32:Trojan-gen 20181004
AVG Win32:Trojan-gen 20181004
Avira (no cloud) HEUR/AGEN.1013209 20181004
AVware Trojan.Win32.Generic!BT 20180925
BitDefender Gen:Variant.Razy.355383 20181004
CAT-QuickHeal Trojan.Occamy 20181001
ClamAV Win.Dropper.Razy-6603344-0 20181004
Comodo UnclassifiedMalware 20181004
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.8651c5 20180225
Cylance Unsafe 20181004
Cyren W32/Trojan.BMT.gen!Eldorado 20181004
DrWeb Trojan.PWS.Stealer.19347 20181004
Emsisoft Gen:Variant.Razy.355383 (B) 20181004
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of MSIL/Kryptik.OHR 20181004
F-Prot W32/Trojan.BMT.gen!Eldorado 20181004
F-Secure Gen:Variant.Razy.355383 20181004
Fortinet MSIL/Kryptik.OHR!tr 20181004
GData Gen:Variant.Razy.355383 20181004
Ikarus Trojan-Spy.Agent 20181004
Sophos ML heuristic 20180717
Jiangmin Trojan.Generic.cjlyy 20181004
K7AntiVirus Trojan ( 00533ba61 ) 20181003
K7GW Trojan ( 00533ba61 ) 20181003
Kaspersky HEUR:Trojan.Win32.Generic 20181004
Malwarebytes Spyware.AgentTesla 20181004
MAX malware (ai score=100) 20181004
McAfee Trojan-FPRM!A937B808651C 20181004
McAfee-GW-Edition BehavesLike.Win32.Generic.dc 20181004
Microsoft VirTool:MSIL/Injector 20181004
eScan Gen:Variant.Razy.355383 20181004
NANO-Antivirus Trojan.Win32.Stealer.ffcxye 20181004
Palo Alto Networks (Known Signatures) generic.ml 20181004
Panda Trj/GdSda.A 20181003
Qihoo-360 Win32/Trojan.3ed 20181004
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/Generic-S 20181004
Symantec Trojan Horse 20181004
Tencent Win32.Trojan.Generic.Lmap 20181004
TrendMicro TROJ_GEN.R002C0WGA18 20181004
TrendMicro-HouseCall TrojanSpy.MSIL.NEGASTEAL.SMK 20181004
VBA32 TScope.Trojan.MSIL 20181003
VIPRE Trojan.Win32.Generic!BT 20181004
ViRobot Trojan.Win32.Z.Razy.276992.DG 20181004
Webroot W32.Trojan.Gen 20181004
Yandex Trojan.Agent!R9Rd7iA8QSQ 20180927
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180925
Alibaba 20180921
Avast-Mobile 20181004
Babable 20180918
Baidu 20180930
Bkav 20181003
CMC 20181004
eGambit 20181004
Kingsoft 20181004
Rising 20181004
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20181001
TACHYON 20181004
TheHacker 20181001
TotalDefense 20181004
Trustlook 20181004
Zillya 20181003
Zoner 20181004
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-30 19:20:36
Entry Point 0x000345FE
Number of sections 3
.NET details
Module Version ID 431d3c3a-81dd-46d8-853e-571c0bc2e22c
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:06:30 20:20:36+01:00
FileType Win32 EXE
PEType PE32
CodeSize 206848
LinkerVersion 11.0
ImageFileCharacteristics Executable, 32-bit
Warning Possibly corrupt Version resource
EntryPoint 0x345fe
InitializedDataSize 69632
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0
File identification
MD5 a937b808651c5278b0d41a24db7db03c
SHA1 6101369439607b2b301d14321ae61b8590ac6070
SHA256 1df4d4b68ddb2b438bdf3d3c19c317ae5fb2b15af5610ef781abf5329450374e
ssdeep 6144:s+2kM846tnfzVmOPFsCYQ1ZewBh2pPBVPEJ6:sDk948fdaCB1vf2Llj
authentihash 332c8858f0a5ca6e6b2fb803adb2ff61a3cabc9d732450b315371f81bbdc636f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 270.5 KB ( 276992 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags peexe assembly

VirusTotal metadata
First submission 2018-07-10 16:09:41 UTC ( 3 months, 2 weeks ago )
Last submission 2018-10-04 09:09:07 UTC ( 2 weeks, 4 days ago )
File names a937b808651c5278b0d41a24db7db03c.vir
uch.exe
.
Flowers Foods Inc(01).gxe