× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 28a9f953e57c45cbf3e1e39a08342d0546d1d3d74ebe245d4a374d973859217f
File name: 73567c58df3901db942cfe1c00572f1b5e4eec6d
Detection ratio: 15 / 67
Analysis date: 2017-10-28 04:57:55 UTC ( 1 year, 4 months ago )
Antivirus Result Update
Baidu MSIL.Trojan.Kryptik.l 20171027
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20171016
Cylance Unsafe 20171028
DrWeb Trojan.Inject2.61960 20171028
eGambit Unsafe.AI_Score_99% 20171028
Endgame malicious (high confidence) 20171024
ESET-NOD32 a variant of MSIL/Injector.JGJ 20171027
GData Win32.Trojan.Agent.ADW 20171028
Ikarus Ransom.MSIL.LockScreen 20171027
Sophos ML heuristic 20170914
Kaspersky HEUR:Trojan.Win32.Generic 20171028
McAfee-GW-Edition BehavesLike.Win32.Generic.dc 20171028
Qihoo-360 HEUR/QVM03.0.CCB7.Malware.Gen 20171028
SentinelOne (Static ML) static engine - malicious 20171019
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20171028
Ad-Aware 20171028
AegisLab 20171028
AhnLab-V3 20171027
Alibaba 20170911
ALYac 20171028
Antiy-AVL 20171028
Arcabit 20171028
Avast 20171028
Avast-Mobile 20171027
AVG 20171028
Avira (no cloud) 20171027
AVware 20171028
BitDefender 20171028
Bkav 20171028
CAT-QuickHeal 20171027
ClamAV 20171028
CMC 20171027
Cybereason 20170628
Cyren 20171028
Emsisoft 20171028
F-Prot 20171028
F-Secure 20171028
Fortinet 20171028
Jiangmin 20171028
K7AntiVirus 20171027
K7GW 20171028
Kingsoft 20171028
Malwarebytes 20171028
MAX 20171028
McAfee 20171028
Microsoft 20171028
eScan 20171028
NANO-Antivirus 20171028
nProtect 20171028
Palo Alto Networks (Known Signatures) 20171028
Panda 20171027
Rising 20171028
Sophos AV 20171028
SUPERAntiSpyware 20171028
Symantec 20171027
Symantec Mobile Insight 20171027
Tencent 20171028
TheHacker 20171024
TotalDefense 20171028
TrendMicro 20171028
TrendMicro-HouseCall 20171028
Trustlook 20171028
VBA32 20171027
VIPRE 20171028
ViRobot 20171028
Webroot 20171028
WhiteArmor 20171024
Yandex 20171027
Zillya 20171027
Zoner 20171028
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name FKFCK.exe
Internal name FKFCK.exe
File version 0.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-25 00:39:40
Entry Point 0x000475CE
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
8192

ImageVersion
0.0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
FKFCK.exe

MIMEType
application/octet-stream

FileVersion
0.0.0.0

TimeStamp
2017:10:25 01:39:40+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
FKFCK.exe

ProductVersion
0.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
286720

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x475ce

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

Compressed bundles
File identification
MD5 4c7940d306f942682bbce9f8513cfceb
SHA1 73567c58df3901db942cfe1c00572f1b5e4eec6d
SHA256 28a9f953e57c45cbf3e1e39a08342d0546d1d3d74ebe245d4a374d973859217f
ssdeep
6144:gYNFeB6Yx68fO377b8aM4AV4Cw67ZtrmS/wo5VMnHaDOg70CD:gYDoeHL7U4Nsdp/wo5VMBc0C

authentihash beab842241e1051b5dd923f584776e48ab457e738ee118a969af87293f42afb5
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 292.0 KB ( 299008 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (49.0%)
Win32 Executable MS Visual C++ (generic) (20.9%)
Win64 Executable (generic) (18.5%)
Win32 Dynamic Link Library (generic) (4.4%)
Win32 Executable (generic) (3.0%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-10-28 04:57:55 UTC ( 1 year, 4 months ago )
Last submission 2017-10-28 04:57:55 UTC ( 1 year, 4 months ago )
File names FKFCK.exe
73567c58df3901db942cfe1c00572f1b5e4eec6d
1032-73567c58df3901db942cfe1c00572f1b5e4eec6d
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!