× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 296055e92973a763db32a36d18bc6de86753be3ad61fc5062f2b39781c425003
File name: zbetcheckin_tracker_0.exe
Detection ratio: 32 / 68
Analysis date: 2018-08-26 22:28:05 UTC ( 8 months, 4 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.373700 20180826
ALYac Gen:Variant.Razy.373700 20180826
Arcabit Trojan.Razy.D5B3C4 20180826
Avast Win32:GenX 20180826
AVG Win32:GenX 20180826
Avira (no cloud) TR/Dropper.Gen 20180826
AVware Win32.Malware!Drop 20180823
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180820
BitDefender Gen:Variant.Razy.373700 20180826
Comodo TrojWare.MSIL.Agent.GH 20180826
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.a158a2 20180225
Cylance Unsafe 20180826
DrWeb BackDoor.Siggen2.2488 20180826
Emsisoft Gen:Variant.Razy.373700 (B) 20180826
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of MSIL/Injector.CHQ 20180826
F-Secure Gen:Variant.Razy.373700 20180826
Fortinet MSIL/Injector.CHQ!tr 20180826
GData Gen:Variant.Razy.373700 20180826
Sophos ML heuristic 20180717
Kaspersky HEUR:Trojan.Win32.Generic 20180826
MAX malware (ai score=89) 20180826
Microsoft Trojan:Win32/Fuerboos.C!cl 20180826
Panda Trj/GdSda.A 20180826
Qihoo-360 HEUR/QVM03.0.7371.Malware.Gen 20180826
Rising Dropper.Generic!8.35E (TFE:dGZlOg0dahlad1kucg) 20180826
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/DotNet-P 20180826
Symantec ML.Attribute.HighConfidence 20180826
VIPRE Win32.Malware!Drop 20180826
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180826
AegisLab 20180826
AhnLab-V3 20180826
Alibaba 20180713
Antiy-AVL 20180826
Avast-Mobile 20180826
Babable 20180822
Bkav 20180824
CAT-QuickHeal 20180826
ClamAV 20180826
CMC 20180826
Cyren 20180826
eGambit 20180826
F-Prot 20180826
Ikarus 20180826
Jiangmin 20180826
K7AntiVirus 20180826
K7GW 20180826
Kingsoft 20180826
Malwarebytes 20180826
McAfee 20180826
McAfee-GW-Edition 20180826
eScan 20180826
NANO-Antivirus 20180826
Palo Alto Networks (Known Signatures) 20180826
SUPERAntiSpyware 20180826
Symantec Mobile Insight 20180822
TACHYON 20180826
Tencent 20180826
TheHacker 20180824
TotalDefense 20180826
TrendMicro 20180826
TrendMicro-HouseCall 20180826
Trustlook 20180826
VBA32 20180824
ViRobot 20180826
Webroot 20180826
Yandex 20180824
Zillya 20180824
Zoner 20180825
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
IOBit Secruity

Product Whos Good
Original name 0.exe
Internal name 0.exe
File version 3.2.3.7
Description Prince
Comments Sew solution
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-08-08 16:12:52
Entry Point 0x0000780E
Number of sections 3
.NET details
Module Version ID 39e0cf84-c477-4fd8-a8ad-fe0308196dd9
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
BOONDOCKS 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
VIETNAMESE DEFAULT 1
PE resources
ExifTool file metadata
CodeSize
24576

SubsystemVersion
4.0

Comments
Sew solution

InitializedDataSize
110592

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.2.3.7

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Prince

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

EntryPoint
0x780e

OriginalFileName
0.exe

MIMEType
application/octet-stream

LegalCopyright
IOBit Secruity

FileVersion
3.2.3.7

TimeStamp
2018:08:08 18:12:52+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
0.exe

ProductVersion
3.2.3.7

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Bcare International

LegalTrademarks
IOBit Secruity

ProductName
Whos Good

ProductVersionNumber
3.2.3.7

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.3.3.2

File identification
MD5 8ab102447c9c9f9e6f0a2870f108705a
SHA1 c15e6a5a158a2bef369b9e72baa1902e10d3d766
SHA256 296055e92973a763db32a36d18bc6de86753be3ad61fc5062f2b39781c425003
ssdeep
3072:Ulz40cB5q3ofYRqj/BGQ0UMDaJXdkg8X/:Ul8N5fmqj/BG3uXd+

authentihash 80e402ed726e94fee07c74d41225b0e59b65b97ecf5bec0e40427e5b31e8432d
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 136.0 KB ( 139264 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (48.4%)
Win32 Executable MS Visual C++ (generic) (20.6%)
Win64 Executable (generic) (18.2%)
Win32 Dynamic Link Library (generic) (4.3%)
Win32 Executable (generic) (2.9%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-08-26 22:28:05 UTC ( 8 months, 4 weeks ago )
Last submission 2018-08-26 22:28:05 UTC ( 8 months, 4 weeks ago )
File names zbetcheckin_tracker_0.exe
0.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!