SHA256: 1fa4de4ba1aa2dc1770d2e0ae5ff5dcb71f195d2328fe5a596827f5a35e1a3e1
File name: 93c0a6825f4c8e2a207d522f55895b45.3gp
Detection ratio: 19 / 57
Analysis date: 2016-11-17 23:00:20 UTC ( 2 years, 3 months ago )
| Antivirus | Result | Update |
| --- | --- | --- |
| Avast | Win32:Malware-gen | 20161117 |
| Avira (no cloud) | TR/Crypt.Xpack.zmdrm | 20161117 |
| Baidu | Win32.Trojan.WisdomEyes.16070401.9500.9999 | 20161117 |
| BitDefender | Trojan.GenericKD.3721536 | 20161117 |
| Bkav | HW32.Packed.6D32 | 20161117 |
| Comodo | Heur.Packed.Unknown | 20161117 |
| CrowdStrike Falcon (ML) | malicious_confidence_100% (W) | 20161024 |
| Emsisoft | Trojan.GenericKD.3721536 (B) | 20161117 |
| ESET-NOD32 | a variant of Win32/Kryptik.FJVE | 20161117 |
| GData | Trojan.GenericKD.3721536 | 20161117 |
| Sophos ML | backdoor.win32.drixed.m | 20161018 |
| Kaspersky | Trojan.Win32.Razy.cmv | 20161117 |
| McAfee | Artemis!93C0A6825F4C | 20161117 |
| McAfee-GW-Edition | BehavesLike.Win32.Rootkit.cc | 20161117 |
| eScan | Trojan.GenericKD.3721536 | 20161117 |
| Qihoo-360 | HEUR/QVM20.1.0000.Malware.Gen | 20161118 |
| Sophos AV | Mal/Generic-S | 20161117 |
| Symantec | Trojan.Cridex | 20161117 |
| Tencent | Win32.Trojan.Kryptik.Hufg | 20161118 |
| Ad-Aware | | 20161117 |
| AegisLab | | 20161117 |
| AhnLab-V3 | | 20161117 |
| Alibaba | | 20161117 |
| ALYac | | 20161117 |
| Antiy-AVL | | 20161117 |
| Arcabit | | 20161117 |
| AVG | | 20161117 |
| AVware | | 20161117 |
| CAT-QuickHeal | | 20161117 |
| ClamAV | | 20161117 |
| CMC | | 20161117 |
| Cyren | | 20161117 |
| DrWeb | | 20161117 |
| F-Prot | | 20161117 |
| F-Secure | | 20161117 |
| Fortinet | | 20161117 |
| Ikarus | | 20161117 |
| Jiangmin | | 20161117 |
| K7AntiVirus | | 20161117 |
| K7GW | | 20161117 |
| Kingsoft | | 20161118 |
| Malwarebytes | | 20161117 |
| Microsoft | | 20161117 |
| NANO-Antivirus | | 20161117 |
| nProtect | | 20161117 |
| Panda | | 20161117 |
| Rising | | 20161117 |
| SUPERAntiSpyware | | 20161117 |
| TheHacker | | 20161117 |
| TotalDefense | | 20161117 |
| TrendMicro | | 20161117 |
| TrendMicro-HouseCall | | 20161117 |
| VBA32 | | 20161117 |
| VIPRE | | 20161117 |
| ViRobot | | 20161117 |
| Yandex | | 20161117 |
| Zillya | | 20161117 |
| Zoner | | 20161117 |
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine: Intel 386 or later processors and compatible processors
Compilation timestamp: 2016-11-17 05:28:19
Entry Point: 0x0000C8C0
Number of sections: 8
PE sections
PE imports
LocalCompact
CreateWaitableTimerW
LocalFree
FindAtomW
GetComputerNameW
GetSystemInfo
DebugActiveProcessStop
WTSGetActiveConsoleSessionId
IsProcessInJob
GetComputerNameA
CreateMailslotA
GetProcAddress
LoadLibraryA
SetConsoleTextAttribute
MprAdminTransportGetInfo
_vswprintf_c_l
strtok
_chkstk
Debug information
ExifTool file metadata
MIMEType: application/octet-stream
Subsystem: Windows command line
MachineType: Intel 386 or later, and compatibles
TimeStamp: 2016:11:17 06:28:19+01:00
FileType: Win32 EXE
PEType: PE32
CodeSize: 48128
LinkerVersion: 18.1
FileTypeExtension: exe
InitializedDataSize: 93696
SubsystemVersion: 5.0
EntryPoint: 0xc8c0
OSVersion: 2.1
ImageVersion: 0.0
UninitializedDataSize: 0

File identification
MD5: 93c0a6825f4c8e2a207d522f55895b45
SHA1: 9f64a1a3bcc87bf3488e20eb4c5e66a2ac63e50e
SHA256: 1fa4de4ba1aa2dc1770d2e0ae5ff5dcb71f195d2328fe5a596827f5a35e1a3e1
ssdeep: 1536:2+ERgPBloqorbTuO/eQxa85pa2zgg9Q8TKe0987nrdLreandX/PFM699JmPwuwdy:PeGd0xr58U68+e0y53dXnWoJ
authentihash: f0143b71e846f5f236cea093f33f96dbfefbf13b49cfb2eb705fd0e2995b2c40
imphash: 249405642c0e3b4dfa98e424040b99c2
File size: 127.0 KB ( 130048 bytes )
File type: Win32 EXE
Magic literal: PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID: Win32 Executable (generic) (42.6%); Clipper DOS Executable (19.1%); Generic Win/DOS Executable (18.9%); DOS Executable Generic (18.9%); VXD Driver (0.2%)
Tags: peexe

VirusTotal metadata
First submission: 2016-11-17 12:19:29 UTC ( 2 years, 3 months ago )
Last submission: 2017-08-21 16:48:23 UTC ( 1 year, 6 months ago )
File names: 1_exe; 1.exe; 1fa4de4ba1aa2dc1770d2e0ae5ff5dcb71f195d2328fe5a596827f5a35e1a3e1; 3c23fda5ff50672d01f942a546fda881098cbb74; 93c0a6825f4c8e2a207d522f55895b45.3gp