× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 26314f0e37cfab91d94519a4f3fe4e987316ca6f69f74cf668abbe7934208ceb
File name: 26314F0E37CFAB91D94519A4F3FE4E987316CA6F69F74CF668ABBE7934208CEB
Detection ratio: 16 / 70
Analysis date: 2019-01-24 11:23:41 UTC ( 4 months ago ) View latest
Antivirus Result Update
Acronis suspicious 20190124
AhnLab-V3 Trojan/Win32.MalPacked.C2953782 20190124
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cybereason malicious.9a7e4d 20190109
Cylance Unsafe 20190124
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of MSIL/Kryptik.QHB 20190124
Fortinet MSIL/Kryptik.QHB!tr 20190124
Sophos ML heuristic 20181128
Kaspersky HEUR:Trojan-PSW.MSIL.Heye.gen 20190124
McAfee-GW-Edition BehavesLike.Win32.Generic.fc 20190124
Qihoo-360 HEUR/QVM03.0.C26E.Malware.Gen 20190124
SentinelOne (Static ML) static engine - malicious 20190118
Trapmine malicious.high.ml.score 20190123
Webroot W32.Trojan.Genkd 20190124
ZoneAlarm by Check Point HEUR:Trojan-PSW.MSIL.Heye.gen 20190124
Ad-Aware 20190124
AegisLab 20190124
Alibaba 20180921
ALYac 20190123
Antiy-AVL 20190124
Arcabit 20190123
Avast 20190124
Avast-Mobile 20190123
AVG 20190123
Avira (no cloud) 20190124
AVware 20180925
Babable 20180917
Baidu 20190123
BitDefender 20190123
Bkav 20190124
CAT-QuickHeal 20190124
ClamAV 20190123
CMC 20190124
Comodo 20190123
Cyren 20190123
DrWeb 20190123
eGambit 20190124
Emsisoft 20190123
F-Prot 20190123
F-Secure 20190123
GData 20190123
Jiangmin 20190124
K7AntiVirus 20190124
K7GW 20190124
Kingsoft 20190124
Malwarebytes 20190124
MAX 20190124
McAfee 20190124
Microsoft 20190124
eScan 20190124
NANO-Antivirus 20190124
Palo Alto Networks (Known Signatures) 20190124
Panda 20190123
Rising 20190124
Sophos AV 20190123
SUPERAntiSpyware 20190123
Symantec 20190123
TACHYON 20190123
Tencent 20190124
TheHacker 20190118
TotalDefense 20190123
TrendMicro 20190124
TrendMicro-HouseCall 20190124
Trustlook 20190124
VBA32 20190124
ViRobot 20190124
Yandex 20190123
Zillya 20190122
Zoner 20190123
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2019

Product
Original name crab.exe
Internal name crab.exe
File version 1.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1999-10-24 18:07:21
Entry Point 0x0005E00A
Number of sections 5
.NET details
Module Version ID 8198c406-2b57-4bf3-8771-f0e858778fdd
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
297984

ImageVersion
0.0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
crab.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
1999:10:24 20:07:21+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
crab.exe

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2019

MachineType
Intel 386 or later, and compatibles

CodeSize
60416

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x5e00a

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 b859c02ae9a93edcc7907725d8d15802
SHA1 0a0df099a7e4db122ee864a6a9ff731bbb340d40
SHA256 26314f0e37cfab91d94519a4f3fe4e987316ca6f69f74cf668abbe7934208ceb
ssdeep
6144:QaG87otmfaRG9nOpnEjQm8mC00zFhKI/AcGRPX9hMNa+th4Ve+rWLvFDy8:QaG87gmbKnE8pmJ0RhKwf0zfev

authentihash 467b0b7076d6233110958d5e8d6652207ec4ea79505c933880d53c72b8e9cc46
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 351.0 KB ( 359424 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.4%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags
peexe assembly

VirusTotal metadata
First submission 2019-01-24 11:23:33 UTC ( 4 months ago )
Last submission 2019-01-27 18:32:19 UTC ( 3 months, 4 weeks ago )
File names crab.exe
output.115042608.txt
output.115042167.txt
mxbdfhs.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!