× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 29e109b6d0b31768dd573c678a7bc4412fedc455ff8fec4a3803d2e80853b501
File name: GuardAxon_Portable.zip
Detection ratio: 7 / 56
Analysis date: 2014-12-19 12:12:52 UTC ( 2 years, 10 months ago ) View latest
Antivirus Result Update
Avira (no cloud) HEUR/Crypted 20141219
Bkav HW32.Packed.4EA1 20141219
CAT-QuickHeal (Suspicious) - DNAScan 20141219
Cyren W32/Heuristic-210!Eldorado 20141219
F-Prot W32/Heuristic-210!Eldorado 20141219
TrendMicro Cryp_Yodap 20141219
TrendMicro-HouseCall Cryp_Yodap 20141219
Ad-Aware 20141219
AegisLab 20150104
Yandex 20141217
AhnLab-V3 20141218
ALYac 20141219
Antiy-AVL 20141219
Avast 20141219
AVG 20141219
AVware 20141219
Baidu-International 20141219
BitDefender 20141219
ByteHero 20141219
ClamAV 20141219
CMC 20141218
Comodo 20150104
DrWeb 20141219
Emsisoft 20141219
ESET-NOD32 20141219
F-Secure 20150104
Fortinet 20141219
GData 20141219
Ikarus 20141219
Jiangmin 20141218
K7AntiVirus 20141218
K7GW 20141219
Kaspersky 20141219
Kingsoft 20141219
Malwarebytes 20141219
McAfee 20141219
McAfee-GW-Edition 20150104
Microsoft 20141219
eScan 20141219
NANO-Antivirus 20141219
Norman 20150103
nProtect 20141219
Panda 20141219
Qihoo-360 20150104
Rising 20141218
Sophos AV 20141219
SUPERAntiSpyware 20141219
Symantec 20141219
Tencent 20141219
TheHacker 20141219
TotalDefense 20141219
VBA32 20141219
VIPRE 20141219
ViRobot 20141219
Zillya 20141219
Zoner 20141219
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
15
Uncompressed size
1028678
Highest datetime
2014-12-18 13:42:34
Lowest datetime
2014-05-02 08:06:28
Contained files by extension
dll
6
rtf
2
txt
2
chm
1
exe
1
ini
1
Contained files by type
Portable Executable
7
unknown
4
directory
2
RTF
2
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
GuardAxon/

ZipBitFlag
0x0002

ZipModifyDate
2014:12:18 13:42:08

File identification
MD5 e5b92d4520b93814b59eedc3131e2395
SHA1 ded7254647006964d8263eb2440765cd6410164f
SHA256 29e109b6d0b31768dd573c678a7bc4412fedc455ff8fec4a3803d2e80853b501
ssdeep
24576:GbIifMPGAtwscbCsGeGso5QhBWax+cSJmBDH228RZDk:KhEtIKNqhdx+cSc72287k

File size 890.0 KB ( 911329 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (99.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags
contains-pe zip yodaprot

VirusTotal metadata
First submission 2014-12-19 12:12:52 UTC ( 2 years, 10 months ago )
Last submission 2015-10-09 20:33:31 UTC ( 2 years ago )
File names GuardAxon_Portable.zip
Encrypt_Portable.zip
af6f7ecea7091816d87e8ec3b6aa447e5ac85b84
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!