× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 27ffa179ec58ffa4b67fd720d0d8e2fc7474fccfc10a4da217babb4822a74c78
File name: Urgent%20Order.exe
Detection ratio: 30 / 68
Analysis date: 2018-11-24 15:28:00 UTC ( 5 months, 4 weeks ago ) View latest
Antivirus Result Update
AegisLab Trojan.MSIL.Crypt.4!c 20181124
Avast Win32:MalwareX-gen [Trj] 20181124
AVG Win32:MalwareX-gen [Trj] 20181124
CAT-QuickHeal Trojan.MSIL 20181124
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.cc4cee 20180225
DrWeb Trojan.Inject3.4015 20181124
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of MSIL/Injector.UCK 20181124
Fortinet MSIL/Injector.UCK!tr 20181124
GData Win32.Trojan-Stealer.LokiBot.7F72K2 20181124
Ikarus Trojan-Stealer.Win32.LokiBot 20181124
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053c4a21 ) 20181124
K7GW Trojan ( 0053c4a21 ) 20181124
Kaspersky HEUR:Trojan.MSIL.Crypt.gen 20181124
Malwarebytes Backdoor.NanoCore 20181124
MAX malware (ai score=100) 20181124
McAfee GenericRXGP-OC!B51DDA97BAD4 20181124
McAfee-GW-Edition GenericRXGP-OC!B51DDA97BAD4 20181124
Microsoft PWS:Win32/Primarypass.A 20181124
Palo Alto Networks (Known Signatures) generic.ml 20181124
Qihoo-360 Win32/Trojan.21a 20181124
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/Generic-S 20181124
Symantec ML.Attribute.HighConfidence 20181123
Trapmine malicious.moderate.ml.score 20180918
TrendMicro TROJ_GEN.USKM18 20181124
TrendMicro-HouseCall TROJ_GEN.USKM18 20181124
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Crypt.gen 20181124
Ad-Aware 20181124
AhnLab-V3 20181124
Alibaba 20180921
ALYac 20181124
Antiy-AVL 20181124
Arcabit 20181124
Avast-Mobile 20181124
Avira (no cloud) 20181124
Babable 20180918
Baidu 20181123
BitDefender 20181124
Bkav 20181123
ClamAV 20181124
CMC 20181124
Comodo 20181124
Cyren 20181124
eGambit 20181124
Emsisoft 20181124
F-Prot 20181124
F-Secure 20181124
Jiangmin 20181124
Kingsoft 20181124
eScan 20181124
NANO-Antivirus 20181124
Panda 20181124
Rising 20181124
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
TACHYON 20181124
Tencent 20181124
TheHacker 20181118
TotalDefense 20181124
Trustlook 20181124
VBA32 20181123
ViRobot 20181124
Webroot 20181124
Yandex 20181123
Zillya 20181123
Zoner 20181124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2019, Teamspeak Lts

Product Teamspeak
Description Teamspeak
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-21 23:01:37
Entry Point 0x000661EE
Number of sections 4
.NET details
Module Version ID 295aa35d-5851-4591-aa00-60872014965a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 8
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 10
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
164864

ImageVersion
0.0

ProductName
Teamspeak

FileVersionNumber
0.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

TimeStamp
2018:11:22 00:01:37+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Teamspeak

OSVersion
4.0

FileOS
Unknown (0)

LegalCopyright
Copyright (c) 2019, Teamspeak Lts

MachineType
Intel 386 or later, and compatibles

CodeSize
410112

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x661ee

ObjectFileType
Executable application

File identification
MD5 b51dda97bad49167ef89d44a050ef5d5
SHA1 0831cbdcc4cee218b129a37aad03ba35cd897bac
SHA256 27ffa179ec58ffa4b67fd720d0d8e2fc7474fccfc10a4da217babb4822a74c78
ssdeep
6144:Oq3XLcSjwZma2JO8sa/z1/9liBF5HKykQ/oA8cA+tFcdfsu2IgeOoJQSjleWQgti:RrcplMB69OPgeOo3lnt0D

authentihash 71203f2f7806d0905e876432a0ae78607d48c35716f099eec562800bc0d15c07
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 562.5 KB ( 576000 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-11-23 16:30:48 UTC ( 5 months, 4 weeks ago )
Last submission 2018-11-28 10:28:56 UTC ( 5 months, 3 weeks ago )
File names b51dda97bad49167ef89d44a050ef5d5
Urgent%20Order.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!