× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2a6d786b0d82b6df18176a04c196e4c3d2d95099e4bb956a4bd7d1ba8ad4e839
File name: c6IkRO.jpg
Detection ratio: 50 / 71
Analysis date: 2019-01-28 14:14:41 UTC ( 3 months, 3 weeks ago ) View latest
Antivirus Result Update
Acronis suspicious 20190128
Ad-Aware Trojan.GenericKD.40671497 20190128
ALYac Trojan.GenericKD.40671497 20190128
Arcabit Trojan.Generic.D26C9909 20190128
Avast Win32:Trojan-gen 20190128
AVG Win32:Trojan-gen 20190128
Avira (no cloud) HEUR/AGEN.1036707 20190128
BitDefender Trojan.GenericKD.40671497 20190128
CAT-QuickHeal Trojan.IGENERIC 20190127
Comodo Malware@#1w614b2f0dd9q 20190128
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20181023
Cybereason malicious.164b94 20190109
Cylance Unsafe 20190128
Cyren W32/MSIL_Troj.OE.gen!Eldorado 20190128
Emsisoft Trojan.GenericKD.40671497 (B) 20190128
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of MSIL/Kryptik.PZZ 20190128
F-Prot W32/MSIL_Troj.OE.gen!Eldorado 20190128
F-Secure Trojan.GenericKD.40671497 20190128
Fortinet MSIL/Kryptik.PZZ!tr 20190128
GData Win32.Trojan.Kryptik.JK 20190128
Ikarus Trojan.MSIL.Crypt 20190128
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053fff41 ) 20190128
K7GW Trojan ( 0053fff41 ) 20190128
Kaspersky HEUR:Backdoor.MSIL.Androm.gen 20190128
Malwarebytes Trojan.FakeMS 20190128
MAX malware (ai score=100) 20190128
McAfee Packed-FNY!C23D41C164B9 20190128
McAfee-GW-Edition BehavesLike.Win32.Generic.tc 20190127
Microsoft Trojan:Win32/Skeeyah.A!rfn 20190128
eScan Trojan.GenericKD.40671497 20190128
NANO-Antivirus Trojan.Win32.Androm.fkoszn 20190128
Palo Alto Networks (Known Signatures) generic.ml 20190128
Panda Trj/GdSda.A 20190128
Qihoo-360 Win32/Backdoor.9cf 20190128
SentinelOne (Static ML) static engine - malicious 20190124
Sophos AV Mal/Generic-S 20190128
Symantec ML.Attribute.HighConfidence 20190128
Tencent Win32.Trojan.Fakedoc.Auto 20190128
Trapmine malicious.high.ml.score 20190123
TrendMicro Trojan.Win32.Boilod.SM.hp 20190128
TrendMicro-HouseCall Trojan.Win32.Boilod.SM.hp 20190128
VBA32 CIL.StupidCryptor.Heur 20190128
VIPRE Trojan.Win32.Generic!BT 20190127
ViRobot Trojan.Win32.Z.Kryptik.1225728.C 20190128
Webroot W32.Trojan.Gen 20190128
Yandex Trojan.Kryptik!a96jEsVnOys 20190125
Zillya Backdoor.Androm.Win32.56037 20190125
ZoneAlarm by Check Point HEUR:Backdoor.MSIL.Androm.gen 20190128
AegisLab 20190128
AhnLab-V3 20190128
Alibaba 20180921
Antiy-AVL 20190128
Avast-Mobile 20190127
Babable 20180917
Baidu 20190127
Bkav 20190125
ClamAV 20190128
CMC 20190128
DrWeb 20190128
eGambit 20190128
Jiangmin 20190128
Kingsoft 20190128
Rising 20190128
SUPERAntiSpyware 20190123
TACHYON 20190127
TheHacker 20190124
TotalDefense 20190127
Trustlook 20190128
Zoner 20190128
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Lands' End Inc.

Product ISAPI filter module
Original name STANCrr.exe
Internal name STANCrr.exe
File version 19.4.26.1
Description ISAPI filter module
Comments uxepapekoxemawimehiyuxow
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1980-02-26 02:05:09
Entry Point 0x0013400A
Number of sections 5
.NET details
Module Version ID d074a89d-194c-47d6-91fa-d9977469fb40
TypeLib ID afe79bd1-0b0b-4cd9-afb6-1d798e2cb570
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 9
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 12
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
uxepapekoxemawimehiyuxow

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
19.4.26.1

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
ISAPI filter module

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
986112

EntryPoint
0x13400a

OriginalFileName
STANCrr.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Lands' End Inc.

FileVersion
19.4.26.1

TimeStamp
1980:02:26 03:05:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
STANCrr.exe

ProductVersion
19.4.26.1

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Lands' End Inc.

CodeSize
238592

ProductName
ISAPI filter module

ProductVersionNumber
19.4.26.1

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 c23d41c164b948c4eea4d02298954c55
SHA1 d2889ccc87c6e4fe16515df5effceb4570d6d082
SHA256 2a6d786b0d82b6df18176a04c196e4c3d2d95099e4bb956a4bd7d1ba8ad4e839
ssdeep
24576:YW9CoN1O2ohk4cm3RQKsNhnnRQS9mhwSZ6CCE:J9Co1oHcPO+Cwd

authentihash 2c4375ec5531603adcbda4d6d9e194b7fb6a8f9e7dd38b3f271db593e74dfd38
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.2 MB ( 1225728 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-11-01 14:26:05 UTC ( 6 months, 2 weeks ago )
Last submission 2019-02-12 20:16:42 UTC ( 3 months, 1 week ago )
File names STANCrr.exe
c6IkRO.jpg
2a6d786b0d82b6df18176a04c196e4c3d2d95099e4bb956a4bd7d1ba8ad4e839.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!