SHA256: 2dd633cbe3d5f120bca460bcbb16036570453d7bd5d502eb9ce9088208c876a4
File name: tuhnm.exe
Detection ratio: 49 / 67
Analysis date: 2017-11-27 02:06:47 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.12568804 20171126
AegisLab Troj.W32.Generic!c 20171127
AhnLab-V3 Win-Trojan/MSILKrypt03.Exp 20171127
ALYac Trojan.GenericKD.12568804 20171127
Antiy-AVL Trojan/Win32.AGeneric 20171127
Arcabit Trojan.Generic.DBFC8E4 20171127
Avast Win32:Malware-gen 20171127
AVG Win32:Malware-gen 20171127
Avira (no cloud) TR/Dropper.MSIL.uytrm 20171126
AVware Trojan.Win32.Generic!BT 20171127
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20171124
BitDefender Trojan.GenericKD.12568804 20171127
CAT-QuickHeal Trojan.Generic 20171125
Comodo UnclassifiedMalware 20171127
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20171016
Cybereason malicious.d38fe8 20171103
Cylance Unsafe 20171127
Cyren W32/GenBl.563C13F3!Olympus 20171127
DrWeb Trojan.Inject2.62887 20171127
Emsisoft Trojan.GenericKD.12568804 (B) 20171127
Endgame malicious (high confidence) 20171024
ESET-NOD32 a variant of MSIL/Injector.TDS 20171127
F-Secure Trojan.GenericKD.12568804 20171127
Fortinet MSIL/Injector.TDS!tr 20171127
GData Trojan.GenericKD.12568804 20171127
Ikarus Win32.Outbreak 20171126
Sophos ML heuristic 20170914
Jiangmin Trojan.Generic.bpxvz 20171127
K7AntiVirus Trojan ( 0051be131 ) 20171124
K7GW Trojan ( 0051be131 ) 20171127
Kaspersky HEUR:Trojan.MSIL.Generic 20171127
Malwarebytes Spyware.LokiBot 20171127
MAX malware (ai score=100) 20171127
McAfee Trojan-FOPT!563C13F3583C 20171127
McAfee-GW-Edition BehavesLike.Win32.Trojan.fc 20171127
Microsoft VirTool:MSIL/Subti.N 20171127
eScan Trojan.GenericKD.12568804 20171127
NANO-Antivirus Trojan.Win32.Mlw.euyqmg 20171127
Palo Alto Networks (Known Signatures) generic.ml 20171127
Panda Trj/GdSda.A 20171126
SentinelOne (Static ML) static engine - malicious 20171113
Sophos AV Mal/Kryptik-AY 20171127
Symantec Trojan.Gen 20171126
Tencent Win32.Trojan.Generic.Suee 20171127
TrendMicro TROJ_GEN.R011C0DKF17 20171126
TrendMicro-HouseCall TROJ_GEN.R011C0DKF17 20171127
VIPRE Trojan.Win32.Generic!BT 20171127
Yandex Trojan.Agent!SpISqykaV48 20171120
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Generic 20171126
Alibaba 20171124
Avast-Mobile 20171126
Bkav 20171124
ClamAV 20171127
CMC 20171126
F-Prot 20171127
Kingsoft 20171127
nProtect 20171127
Qihoo-360 20171127
Rising 20171127
SUPERAntiSpyware 20171126
Symantec Mobile Insight 20171124
TheHacker 20171126
TotalDefense 20171126
Trustlook 20171127
VBA32 20171124
ViRobot 20171126
Webroot 20171127
WhiteArmor 20171104
Zillya 20171124
Zoner 20171127
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name tuhnm.exe
Internal name tuhnm.exe
File version 0.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-13 21:12:03
Entry Point 0x0006147E
Number of sections 3
.NET details
Module Version ID 4c21b340-3e33-4945-874d-eb5167b42d29
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileVersionNumber 0.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 1536
EntryPoint 0x6147e
OriginalFileName tuhnm.exe
MIMEType application/octet-stream
FileVersion 0.0.0.0
TimeStamp 2017:11:13 22:12:03+01:00
FileType Win32 EXE
PEType PE32
InternalName tuhnm.exe
ProductVersion 0.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 390656
FileSubtype 0
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 0.0.0.0

File identification
MD5 563c13f3583c39ae81f93839bcf95596
SHA1 febbb3bd38fe81886a07721016e0712aa5a05b23
SHA256 2dd633cbe3d5f120bca460bcbb16036570453d7bd5d502eb9ce9088208c876a4
ssdeep 6144:2IwuhWV3SdomGPgwFue2TUAHQiFYSpdYzsrtk45X723LJg37umzSDnJzJy1G9gZj:2IwuhqmGPPKnHQiFrnZpreW37gvWG
authentihash e0d2568826451db6c07900970e166ade343d9096a7f637c67c7bc9c29fc5fcdf
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 383.5 KB ( 392704 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags peexe assembly

VirusTotal metadata
First submission 2017-11-14 08:15:43 UTC ( 2 months ago )
Last submission 2017-11-16 08:23:29 UTC ( 2 months ago )
File names 2DD633CBE3D5F120BCA460BCBB16036570453D7BD5D502EB9CE9088208C876A4
tuhnm.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications