× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 25af317b2757c63e994e5994a398d6a4bfd09e23e1d2d3903fc846855c5dbb77
File name: pautomation-portable.zip
Detection ratio: 2 / 61
Analysis date: 2018-07-09 00:23:05 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
Cylance Unsafe 20180709
Jiangmin Trojan/Agent.hghn 20180709
Ad-Aware 20180708
AegisLab 20180708
AhnLab-V3 20180708
ALYac 20180708
Antiy-AVL 20180709
Arcabit 20180709
Avast 20180709
Avast-Mobile 20180708
AVG 20180709
Avira (no cloud) 20180708
AVware 20180709
Babable 20180406
Baidu 20180706
BitDefender 20180708
Bkav 20180706
CAT-QuickHeal 20180708
ClamAV 20180708
CMC 20180708
Comodo 20180709
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cyren 20180709
DrWeb 20180709
eGambit 20180709
Emsisoft 20180709
Endgame 20180612
ESET-NOD32 20180709
F-Prot 20180708
F-Secure 20180709
Fortinet 20180709
GData 20180709
Ikarus 20180708
Sophos ML 20180601
K7AntiVirus 20180708
K7GW 20180709
Kaspersky 20180709
Kingsoft 20180709
Malwarebytes 20180709
MAX 20180709
McAfee 20180709
McAfee-GW-Edition 20180708
Microsoft 20180709
eScan 20180709
NANO-Antivirus 20180709
Palo Alto Networks (Known Signatures) 20180709
Panda 20180708
Qihoo-360 20180709
Rising 20180709
SentinelOne (Static ML) 20180701
Sophos AV 20180708
SUPERAntiSpyware 20180708
Symantec 20180709
TACHYON 20180708
Tencent 20180709
TheHacker 20180708
TotalDefense 20180708
TrendMicro 20180709
TrendMicro-HouseCall 20180709
Trustlook 20180709
VBA32 20180707
VIPRE 20180709
ViRobot 20180708
Webroot 20180709
Yandex 20180706
Zillya 20180706
ZoneAlarm by Check Point 20180709
Zoner 20180708
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
382
Uncompressed size
2909948
Highest datetime
2010-04-05 21:15:48
Lowest datetime
2005-08-24 11:32:10
Contained files by extension
gt
119
g
110
ico
88
pa
25
exe
9
dll
7
lng
7
chm
2
frm
2
gf
2
gi
2
bin
1
aps
1
htm
1
rtf
1
dat
1
ge
1
rc
1
TXT
1
RES
1
Contained files by type
unknown
363
Portable Executable
16
script
2
RTF
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
10

ZipCRC
0x3ca38c58

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
17

ZipCompressedSize
17

FileTypeExtension
zip

ZipFileName
autoload.dat

ZipBitFlag
0

ZipModifyDate
2010:04:05 21:15:48

File identification
MD5 f707e0d9d51ea191bbeb4b50caea141a
SHA1 ef8dac0fae55637c4f0ea2705037aee567b9dc88
SHA256 25af317b2757c63e994e5994a398d6a4bfd09e23e1d2d3903fc846855c5dbb77
ssdeep
24576:5uq5R3C9gIAdnyRvQ9H0BDcSJg1mPKS2wm4K2x6Vo4AJL4x:w2yGIAdnyBQ9H0BQunSS2wyo420

File size 1.2 MB ( 1228132 bytes )
File type ZIP
Magic literal
Zip archive data, at least v1.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2010-10-29 19:43:23 UTC ( 7 years, 11 months ago )
Last submission 2018-06-17 19:51:18 UTC ( 4 months ago )
File names 3PE6RH2p3.xlsm
pautomation-portable.zip
E4RIVU0W.gif
aa
pautomation-portable.zip
file-3582839_zip
pautomation-portable.zip
pautomation-portable (1).zip
automation-portable.zip
output.23614491.txt
pautomation-portable.zip
pautomation-portable271.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!