× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 22b93bb681393f2c4273eeb04675eff878a58dbd1fca5a6f08c0fc9a9e58c23f
File name: kiss.exe
Detection ratio: 22 / 69
Analysis date: 2018-12-21 03:35:02 UTC ( 5 months ago ) View latest
Antivirus Result Update
Acronis malware 20180726
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20181022
Cybereason malicious.f25ed8 20180225
Cylance Unsafe 20181221
Cyren W32/MSIL_Agent.EA.gen!Eldorado 20181220
DrWeb Trojan.Fbng.8 20181221
Endgame malicious (moderate confidence) 20181108
ESET-NOD32 a variant of MSIL/Kryptik.QHB 20181221
F-Prot W32/MSIL_Agent.EA.gen!Eldorado 20181221
Fortinet MSIL/Kryptik.QHB!tr 20181221
GData Win32.Trojan-Stealer.FormBook.T5SXD1 20181221
Sophos ML heuristic 20181128
Kaspersky HEUR:Trojan.MSIL.NetWire.gen 20181221
Malwarebytes Trojan.PasswordStealer.MSIL 20181221
McAfee-GW-Edition BehavesLike.Win32.Generic.gc 20181220
Palo Alto Networks (Known Signatures) generic.ml 20181221
Qihoo-360 HEUR/QVM03.0.FBC9.Malware.Gen 20181221
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181221
Trapmine malicious.moderate.ml.score 20181205
TrendMicro-HouseCall TROJ_GEN.R04AH0CLK18 20181221
ZoneAlarm by Check Point HEUR:Trojan.MSIL.NetWire.gen 20181221
Ad-Aware 20181220
AegisLab 20181220
AhnLab-V3 20181220
Alibaba 20180921
ALYac 20181220
Antiy-AVL 20181220
Arcabit 20181220
Avast 20181220
Avast-Mobile 20181220
AVG 20181220
Avira (no cloud) 20181220
Babable 20180918
Baidu 20181207
BitDefender 20181220
Bkav 20181220
CAT-QuickHeal 20181220
ClamAV 20181220
CMC 20181220
Comodo 20181220
eGambit 20181221
Emsisoft 20181221
F-Secure 20181221
Ikarus 20181221
Jiangmin 20181221
K7AntiVirus 20181221
K7GW 20181221
Kingsoft 20181221
MAX 20181221
McAfee 20181221
Microsoft 20181220
eScan 20181221
NANO-Antivirus 20181221
Panda 20181220
Rising 20181221
Sophos AV 20181221
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TACHYON 20181221
Tencent 20181221
TheHacker 20181220
TrendMicro 20181221
Trustlook 20181221
VBA32 20181220
ViRobot 20181220
Webroot 20181221
Yandex 20181220
Zillya 20181219
Zoner 20181221
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 The Oil & Gas Holding Company Bsc (Nogaholding)

Product Dynamic IP Restriction Module
Original name kiss.exe
Internal name kiss.exe
File version 9.11.3.4
Description Dynamic IP Restriction Module
Comments oqotuxujusetevijekiy
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2003-10-19 16:40:18
Entry Point 0x0007A00A
Number of sections 5
.NET details
Module Version ID 4ec65b90-4284-4a14-ad38-2684f2e35c26
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
oqotuxujusetevijekiy

InitializedDataSize
336384

ImageVersion
0.0

ProductName
Dynamic IP Restriction Module

FileVersionNumber
9.11.3.4

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
kiss.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
9.11.3.4

TimeStamp
2003:10:19 18:40:18+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
kiss.exe

ProductVersion
9.11.3.4

FileDescription
Dynamic IP Restriction Module

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2018 The Oil & Gas Holding Company Bsc (Nogaholding)

MachineType
Intel 386 or later, and compatibles

CompanyName
The Oil & Gas Holding Company Bsc (Nogaholding)

CodeSize
137216

FileSubtype
0

ProductVersionNumber
9.11.3.4

EntryPoint
0x7a00a

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 ba4e09d65eb3a47e8a3f41c79f2bd0b9
SHA1 67107a0f25ed874f1058b6f2e4cbdc544cde5bdb
SHA256 22b93bb681393f2c4273eeb04675eff878a58dbd1fca5a6f08c0fc9a9e58c23f
ssdeep
12288:8Ni+IEp/hgxifJs0+0/mMqzHWOFaQ9kDb2jMj:mDIEpWx4KFzfzps

authentihash 06f838a46c11f19f0728eb9d9bb4e62b06b4fa46519c51f915f8be5e1ae3de42
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 463.5 KB ( 474624 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-12-21 03:33:43 UTC ( 5 months ago )
Last submission 2019-05-10 11:35:49 UTC ( 1 week, 5 days ago )
File names kiss.exe
package350_VirusShare_ba4e09d65eb3a47e8a3f41c79f2bd0b9
output.114777185.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!