SHA256: 30be82cbeb020b0b230a077b222f292d56cf7e6b578d6af3314a3d04c6755270
File name: b48f1924db857dccc0a7fa84d3a5a23b
Detection ratio: 44 / 61
Analysis date: 2017-09-21 01:32:19 UTC ( 1 year, 8 months ago )
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20170921
AhnLab-V3 Trojan/Win32.LogininfoStealer.R207545 20170920
ALYac Spyware.SpyEyes 20170920
Antiy-AVL Trojan[Spy]/Win32.SpyEyes 20170921
Arcabit Trojan.Agent.CMAA 20170920
Avast Win32:Spyware-gen [Spy] 20170920
AVG Win32:Spyware-gen [Spy] 20170920
Avira (no cloud) TR/Dropper.VB.mewop 20170920
AVware Trojan.Win32.Generic!BT 20170920
BitDefender Trojan.Agent.CMAA 20170920
CAT-QuickHeal TrojanPWS.Fareit 20170920
ClamAV Win.Packer.VbPack-0-6334882-0 20170921
Cylance Unsafe 20170921
Cyren W32/Trojan.SPKC-0712 20170920
DrWeb Trojan.PWS.Stealer.16325 20170920
Emsisoft Trojan.Fareit (A) 20170921
ESET-NOD32 Win32/PSW.Fareit.A 20170921
F-Secure Trojan.Agent.CMAA 20170920
Fortinet W32/Injector.CYLW!tr 20170921
GData Trojan.Agent.CMAA 20170920
Ikarus Trojan.VB.Crypt 20170920
Sophos ML heuristic 20170914
Jiangmin Worm.VBNA.afva 20170921
K7AntiVirus Password-Stealer ( 004b89e61 ) 20170920
K7GW Password-Stealer ( 004b89e61 ) 20170920
Kaspersky Trojan-Spy.Win32.SpyEyes.baou 20170921
Malwarebytes Spyware.Pony 20170920
MAX malware (ai score=83) 20170920
McAfee Fareit-FJG!166FA8C050A7 20170920
McAfee-GW-Edition BehavesLike.Downloader.fc 20170920
Microsoft PWS:Win32/Fareit 20170920
NANO-Antivirus Trojan.Win32.Stealer.esdstl 20170921
Panda Trj/GdSda.A 20170920
Rising Malware.Heuristic!ET#100% (RDM+:cmRtazotpOk05suNpjRdwy5MFHJc) 20170921
Sophos AV Mal/FareitVB-M 20170921
Symantec Trojan.Gen.NPE 20170920
TrendMicro TROJ_GE.B49F51ED 20170921
TrendMicro-HouseCall TSPY_VBFAREIT.SM 20170920
VBA32 TrojanSpy.SpyEyes 20170920
VIPRE Trojan.Win32.Generic!BT 20170920
ViRobot Trojan.Win32.S.Agent.425984.LL 20170920
Webroot W32.Trojan.Gen 20170921
Yandex TrojanSpy.SpyEyes!yjkMHQurMFQ 20170908
ZoneAlarm by Check Point Trojan-Spy.Win32.SpyEyes.baou 20170920
Ad-Aware 20170920
Alibaba 20170911
Avast-Mobile 20170829
Baidu 20170920
CMC 20170920
Comodo 20170920
CrowdStrike Falcon (ML) 20170804
Endgame 20170821
F-Prot 20170920
Kingsoft 20170921
eScan 20170921
nProtect 20170920
Palo Alto Networks (Known Signatures) 20170921
Qihoo-360 20170921
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170921
Symantec Mobile Insight 20170920
Tencent 20170921
TheHacker 20170916
TotalDefense 20170920
Trustlook 20170921
WhiteArmor 20170829
Zillya 20170920
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 3
Uncompressed size: 960414
Highest datetime: 2017-08-26 06:12:34
Lowest datetime: 2017-08-25 20:27:54
Contained files by extension
exe: 2
ace: 1
Contained files by type
Portable Executable: 2
unknown: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0xa373155e
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 425984
ZipCompressedSize: 108218
FileTypeExtension: zip
ZipFileName: Purchase order.exe
ZipBitFlag: 0x0002
ZipModifyDate: 2017:08:25 20:27:27

File identification
MD5 b48f1924db857dccc0a7fa84d3a5a23b
SHA1 c2d69b4c4cb5dcbdf66485eca859f1aeb31e9830
SHA256 30be82cbeb020b0b230a077b222f292d56cf7e6b578d6af3314a3d04c6755270
ssdeep 6144:TUCW+oREWh2Xq0FWRjB6VxkCW+oREWh2Xq0FWRjB6V1pqOh3JlW+sxFEiG7:TtXWhEURjB6T9XWhEURjB6XVhfW+sxFI
File size 317.4 KB ( 325066 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (100.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2017-09-21 01:32:19 UTC ( 1 year, 8 months ago )
Last submission 2017-09-21 01:32:19 UTC ( 1 year, 8 months ago )
File names b48f1924db857dccc0a7fa84d3a5a23b