× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 262812dd157a7e6e9cd7049f0fc4278d6f1d072c1952dd862e9937e490d28ea7
File name: daticert.xml - postacert.eml - 03738282725_02.2017.zip
Detection ratio: 34 / 59
Analysis date: 2017-08-13 01:55:11 UTC ( 1 week, 1 day ago )
Antivirus Result Update
AegisLab Mal.Nemucod.Gen!c 20170813
AhnLab-V3 JS/Downloader 20170812
Antiy-AVL Trojan/Generic.ASVCS3S.43C 20170812
Arcabit JS:Trojan.JS.Downloader.HNX 20170813
Avast Other:Malware-gen [Trj] 20170813
AVG Other:Malware-gen [Trj] 20170813
Avira (no cloud) HEUR/Suspar.Gen 20170812
BitDefender JS:Trojan.JS.Downloader.HNX 20170812
CAT-QuickHeal JS.Nemucod.CBP 20170812
Comodo UnclassifiedMalware 20170813
Cyren JS/Nemucod.GI1!Eldorado 20170813
DrWeb JS.DownLoader.3377 20170813
Emsisoft JS:Trojan.JS.Downloader.HNX (B) 20170813
ESET-NOD32 JS/TrojanDownloader.Nemucod.CEG 20170813
F-Prot JS/Nemucod.GI1!Eldorado 20170813
F-Secure JS:Trojan.JS.Downloader.HNX 20170813
Fortinet JS/Nemucod.2863!tr.dldr 20170812
GData JS:Trojan.JS.Downloader.HNX 20170813
Ikarus Trojan.Script 20170812
K7AntiVirus Trojan ( 004dfe6d1 ) 20170812
K7GW Trojan ( 004dfe6d1 ) 20170813
Kaspersky HEUR:Trojan-Downloader.Script.Generic 20170813
MAX malware (ai score=85) 20170813
McAfee JS/Nemucod.kz 20170813
McAfee-GW-Edition JS/Nemucod.kz 20170813
Microsoft TrojanDownloader:JS/Nemucod 20170813
NANO-Antivirus Trojan.Script.Nemucod.eloexc 20170812
Rising Downloader.Ransomware!8.625A (cloud:6PFxTaGarJT) 20170813
Sophos AV Mal/DrodZp-A 20170813
Symantec Trojan.Gen.NPE 20170812
Tencent Js.Trojan.Raas.Auto 20170813
VBA32 Trojan-Downloader.JS.Nemucod 20170811
ViRobot JS.S.Downloader.57701 20170813
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20170813
Ad-Aware 20170813
Alibaba 20170811
ALYac 20170812
AVware 20170813
Baidu 20170811
Bkav 20170812
CMC 20170812
CrowdStrike Falcon (ML) 20170804
Cylance 20170813
Endgame 20170721
Sophos ML 20170607
Jiangmin 20170813
Kingsoft 20170813
Malwarebytes 20170813
eScan 20170812
nProtect 20170813
Palo Alto Networks (Known Signatures) 20170813
Panda 20170812
Qihoo-360 20170813
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170812
Symantec Mobile Insight 20170811
TheHacker 20170810
TotalDefense 20170812
TrendMicro 20170813
TrendMicro-HouseCall 20170813
Trustlook 20170813
VIPRE 20170813
Webroot 20170813
WhiteArmor 20170731
Yandex 20170807
Zillya 20170811
Zoner 20170813
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Contained files
Compression metadata
Contained files
3
Uncompressed size
169602
Highest datetime
2017-02-06 08:50:18
Lowest datetime
2017-02-06 08:50:18
Contained files by extension
js
3
Contained files by type
JavaScript
3
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xe9f0af08

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
57701

ZipCompressedSize
20138

FileTypeExtension
zip

ZipFileName
0189380037629_02_2017.PDF.js

ZipBitFlag
0

ZipModifyDate
2017:02:06 08:50:09

Compressed bundles
File identification
MD5 a8df389893caf4017c5762e4cc789180
SHA1 0e76853d25587a29346dcb315fafb305e209a5dc
SHA256 262812dd157a7e6e9cd7049f0fc4278d6f1d072c1952dd862e9937e490d28ea7
ssdeep
1536:heZ1gwFlMsZ+OYWOachy9sEKvRJPE049ZkAViQ:KSw/p4ZZhk2404r9Vr

File size 57.5 KB ( 58837 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
attachment zip

VirusTotal metadata
First submission 2017-02-06 08:08:49 UTC ( 6 months, 2 weeks ago )
Last submission 2017-06-08 02:12:37 UTC ( 2 months, 2 weeks ago )
File names daticert.xml - postacert.eml - 02256139091_02.2017.zip
daticert.xml - postacert.eml - 06113107949_02.2017.zip
20170206094159.037816-Ddaticert.xml - postacert.eml - 09271661360_02.2017.zip_infected
daticert.xml - postacert.eml - 06772034721_02.2017.zip
daticert.xml - postacert.eml - 07163422384_02.2017.zip
daticert.xml - postacert.eml - 03738282725_02.2017.zip
fea4b3d9477c998a3682e2e053763f1f28cd108d
daticert.xml - postacert.eml - 04884953433_02.2017.zip
a8df389893caf4017c5762e4cc789180.zip
daticert.xml - postacert.eml - 00788815226_02.2017.zip
a8df389893caf4017c5762e4cc789180
daticert.xml - postacert.eml - 08611296587_02.2017.zip
daticert.xml - postacert.eml - 07600170178_02.2017.zip
03cbc129ae1bcb8686c90c9adc5da5ac
daticert.xml - postacert.eml - 00283727899_02.2017.zip
253e5fdb490892386e4ddad86881e6e4
acddc74e881e7936d4af9cf8f1d4c927
daticert.xml - postacert.eml - 00784971880_02.2017.zip
daticert.xml - postacert.eml - 09533596859_02.2017.zip
a80.exe
505698de01d3e56f242efbcc401a5df9
daticert.xml - postacert.eml - 02256139091_02.2017.zip
daticert.xml - postacert.eml - 05144858203_02.2017.zip
daticert.xml - postacert.eml - 02962674165_02.2017.zip
daticert.xml - postacert.eml - 02451508427_02.2017.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!