× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2bced7fefd4b4e1ed9a043a49204d3ec571bd1d683044e28cc713924d5f6e2f6
File name: f1ecfc71291ba7206f3abed7a67a01ac
Detection ratio: 31 / 54
Analysis date: 2014-09-05 17:25:21 UTC ( 4 years, 7 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Graftor.152389 20140905
AhnLab-V3 Spyware/Win32.Zbot 20140905
Antiy-AVL Trojan[Spy]/Win32.Zbot 20140905
Avast Win32:Malware-gen 20140905
AVG Inject2.ASIU 20140905
Avira (no cloud) TR/Spy.ZBot.oppl 20140905
AVware FraudTool.Win32.SecurityShield.ek!c (v) 20140905
BitDefender Gen:Variant.Graftor.152389 20140905
Comodo UnclassifiedMalware 20140905
DrWeb Trojan.DownLoad3.32784 20140905
Emsisoft Gen:Variant.Graftor.152389 (B) 20140905
ESET-NOD32 Win32/Spy.Zbot.AAQ 20140905
F-Secure Gen:Variant.Graftor.152389 20140905
Fortinet W32/Inject.AAQ!tr 20140905
GData Gen:Variant.Graftor.152389 20140905
Ikarus Trojan.Win32.Spy 20140905
K7GW Unwanted-File ( 6b49d2001 ) 20140905
Kingsoft Win32.Troj.Zbot.tw.(kcloud) 20140905
Malwarebytes Trojan.Zbot 20140905
McAfee Artemis!F1ECFC71291B 20140905
McAfee-GW-Edition BehavesLike.Win32.BadFile.dc 20140904
eScan Gen:Variant.Graftor.152389 20140905
NANO-Antivirus Trojan.Win32.Zbot.decmsm 20140905
Sophos AV Troj/Inject-BCB 20140905
SUPERAntiSpyware Trojan.Agent/Gen-BEPA 20140905
Symantec WS.Reputation.1 20140905
TheHacker Trojan/Spy.Zbot.aaq 20140904
VBA32 TrojanSpy.Zbot 20140905
VIPRE FraudTool.Win32.SecurityShield.ek!c (v) 20140905
ViRobot Trojan.Win32.Zbot.251978 20140905
Zillya Trojan.ZBot.Win32.28 20140904
AegisLab 20140905
Yandex 20140905
Baidu-International 20140905
Bkav 20140904
ByteHero 20140905
CAT-QuickHeal 20140904
ClamAV 20140905
CMC 20140904
Cyren 20140905
F-Prot 20140905
Jiangmin 20140904
K7AntiVirus 20140905
Kaspersky 20140905
Microsoft 20140905
Norman 20140905
nProtect 20140905
Panda 20140905
Qihoo-360 20140905
Rising 20140905
Tencent 20140905
TotalDefense 20140905
TrendMicro 20140905
TrendMicro-HouseCall 20140905
Zoner 20140905
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright © 1998-2013 VMware, Inc.

Publisher VMware, Inc.
Product VMware Workstation
Original name vmware-vmx.exe
Internal name vmware-vmx
File version 10.0.1 build-1379776
Description VMware Workstation VMX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-21 19:55:17
Entry Point 0x00002DBA
Number of sections 6
PE sections
Number of PE resources by type
RT_STRING 3
RT_DIALOG 1
RT_ICON 1
RT_MENU 1
RT_ACCELERATOR 1
RT_BITMAP 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
CHINESE SIMPLIFIED 8
NEUTRAL 2
PE resources
File identification
MD5 f1ecfc71291ba7206f3abed7a67a01ac
SHA1 518ee8bc4a2a6cb50a75dc3f958911a2d95d596f
SHA256 2bced7fefd4b4e1ed9a043a49204d3ec571bd1d683044e28cc713924d5f6e2f6
ssdeep
6144:rfdXd/Gcf/F3hP6JjHxdGj9NTYBP7ToqtCuW:j/R3d613GPE1EG9W

imphash e00bc4fbbfadbba6dc00894c2d7af9ac
File size 220.1 KB ( 225388 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
corrupt peexe

VirusTotal metadata
First submission 2014-09-05 17:25:21 UTC ( 4 years, 7 months ago )
Last submission 2014-09-05 17:25:21 UTC ( 4 years, 7 months ago )
File names vmware-vmx
vmware-vmx.exe
f1ecfc71291ba7206f3abed7a67a01ac
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!