SHA256: 2bcc5f03e1d63c5fab4aa362f6aecd43def44cc3c246effc13accb7b27b1bd45
File name: 00000238.exe
Detection ratio: 28 / 61
Analysis date: 2017-05-04 10:53:50 UTC ( 1 year, 8 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Graftor.120676 20170504
AegisLab Variant.Graftor.Gen!c 20170504
ALYac Gen:Variant.Graftor.120676 20170504
Arcabit Trojan.Graftor.D1D764 20170504
Avast Win32:Evo-gen [Susp] 20170504
AVG ScreenLocker_s.KG 20170504
Avira (no cloud) TR/Crypt.XPACK.Gen8 20170504
AVware Trojan.Win32.Generic!BT 20170504
BitDefender Gen:Variant.Graftor.120676 20170504
Bkav W32.Clod103.Trojan.4c1e 20170504
Comodo UnclassifiedMalware 20170504
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Emsisoft Gen:Variant.Graftor.120676 (B) 20170504
Endgame malicious (moderate confidence) 20170503
F-Secure Gen:Variant.Graftor.120676 20170504
GData Gen:Variant.Graftor.120676 20170504
Ikarus Trojan-Spy.Win32.Zbot 20170504
Kingsoft Win32.Troj.Generic.a.(kcloud) 20170504
McAfee RDN/Generic.grp 20170504
McAfee-GW-Edition RDN/Generic.grp 20170504
eScan Gen:Variant.Graftor.120676 20170504
NANO-Antivirus Virus.Win32.Gen.ccmw 20170504
Panda Trj/CI.A 20170503
Qihoo-360 Win32/Trojan.815 20170504
Rising Trojan.Generic (cloud:l6KgXBgKElG) 20170504
SentinelOne (Static ML) static engine - malicious 20170330
Symantec Trojan.Gen.2 20170503
VIPRE Trojan.Win32.Generic!BT 20170504
AhnLab-V3 20170503
Alibaba 20170504
Antiy-AVL 20170504
Baidu 20170503
CAT-QuickHeal 20170504
ClamAV 20170504
CMC 20170503
Cyren 20170504
DrWeb 20170504
ESET-NOD32 20170504
F-Prot 20170504
Fortinet 20170504
Sophos ML 20170413
Jiangmin 20170504
K7AntiVirus 20170504
K7GW 20170426
Kaspersky 20170504
Malwarebytes 20170504
Microsoft 20170504
nProtect 20170504
Palo Alto Networks (Known Signatures) 20170504
Sophos AV 20170504
SUPERAntiSpyware 20170504
Symantec Mobile Insight 20170504
Tencent 20170504
TheHacker 20170504
TrendMicro 20170504
TrendMicro-HouseCall 20170504
Trustlook 20170504
VBA32 20170504
ViRobot 20170504
Webroot 20170504
WhiteArmor 20170502
Yandex 20170503
Zillya 20170504
ZoneAlarm by Check Point 20170504
Zoner 20170504
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-10-21 23:12:21
Entry Point 0x00001B58
Number of sections 4
PE sections
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2013:10:22 00:12:21+01:00
FileType Win32 EXE
PEType PE32
CodeSize 54784
LinkerVersion 10.0
Warning Error processing PE data dictionary
EntryPoint 0x1b58
InitializedDataSize 33280
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 45321f9c1e2ac0a99c0724dde764ba17
SHA1 8d3afef9590e4232ff68d8b49300b2e75f26f569
SHA256 2bcc5f03e1d63c5fab4aa362f6aecd43def44cc3c246effc13accb7b27b1bd45
ssdeep 1536:5dk31cvMPUneyGtoGpT6hF+dldWTxutTULZPq7YOxGmbOHhqBNBsaaKlFOmlE3UW:5dk3uvDGJ63+dldW/q77GmbOHhWBsIl6
authentihash bd47a2543d5d63384d131c4af02f7b7a02ecf12668bd20977bdf039f5904d06b
File size 87.0 KB ( 89088 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags peexe

VirusTotal metadata
First submission 2013-10-30 09:09:19 UTC ( 5 years, 2 months ago )
Last submission 2017-05-04 10:53:50 UTC ( 1 year, 8 months ago )
File names 00000238.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R047C0EFD15.
Symantec reputation Suspicious.Insight