× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 317da36384f2befbee6266b4d6e92ab36f275c8b17c78848cb4a168b8c671e25
File name: pt.exe
Detection ratio: 12 / 67
Analysis date: 2018-04-18 20:30:38 UTC ( 10 months, 1 week ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9964 20180417
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cylance Unsafe 20180418
Endgame malicious (high confidence) 20180402
ESET-NOD32 a variant of MSIL/Kryptik.NRF 20180418
Sophos ML heuristic 20180120
McAfee Packed-FDR!E7B96664DF9F 20180418
McAfee-GW-Edition BehavesLike.Win32.Generic.gh 20180418
Microsoft Trojan:Win32/Fuery.A!cl 20180418
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Kryptik-BZ 20180418
Symantec ML.Attribute.HighConfidence 20180418
Ad-Aware 20180418
AegisLab 20180418
AhnLab-V3 20180418
Alibaba 20180418
ALYac 20180418
Antiy-AVL 20180418
Arcabit 20180418
Avast 20180418
Avast-Mobile 20180418
AVG 20180418
Avira (no cloud) 20180418
AVware 20180418
BitDefender 20180418
Bkav 20180410
CAT-QuickHeal 20180418
ClamAV 20180418
CMC 20180418
Comodo 20180418
Cybereason None
Cyren 20180418
DrWeb 20180418
eGambit 20180418
Emsisoft 20180418
F-Prot 20180418
F-Secure 20180418
Fortinet 20180418
GData 20180418
Ikarus 20180418
Jiangmin 20180418
K7AntiVirus 20180418
K7GW 20180418
Kaspersky 20180418
Kingsoft 20180418
Malwarebytes 20180418
MAX 20180418
eScan 20180418
NANO-Antivirus 20180418
nProtect 20180418
Palo Alto Networks (Known Signatures) 20180418
Panda 20180418
Qihoo-360 20180418
Rising 20180418
SUPERAntiSpyware 20180418
Symantec Mobile Insight 20180411
Tencent 20180418
TheHacker 20180415
TotalDefense 20180418
TrendMicro 20180418
TrendMicro-HouseCall 20180418
Trustlook 20180418
VBA32 20180418
VIPRE 20180418
ViRobot 20180418
Webroot 20180418
WhiteArmor 20180408
Yandex 20180417
Zillya 20180418
ZoneAlarm by Check Point 20180418
Zoner 20180418
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-18 09:12:48
Entry Point 0x000353FE
Number of sections 3
.NET details
Module Version ID eaf92204-e57b-43f7-a2cc-09d90da96a12
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_MANIFEST 1
RT_HTML 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
GERMAN 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2018:04:18 09:12:48+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
210432

LinkerVersion
6.0

FileTypeExtension
exe

InitializedDataSize
207360

SubsystemVersion
4.0

EntryPoint
0x353fe

OSVersion
4.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 e7b96664df9f3a09e78e100f8f59ce29
SHA1 0ee68c0f98a5477c26ad4ad15a5e30d8f16bf5b5
SHA256 317da36384f2befbee6266b4d6e92ab36f275c8b17c78848cb4a168b8c671e25
ssdeep
12288:5EsXIVWOqQZEz2VDlIs41xWigCGYiI4A8eHNb1+L8yl:KqciMLf

authentihash e90a533d86d88df5a757805a88d287b6dab873ba1c15d01de0b515508882a1e7
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 408.5 KB ( 418304 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-04-18 20:30:38 UTC ( 10 months, 1 week ago )
Last submission 2018-04-20 19:04:07 UTC ( 10 months, 1 week ago )
File names pt.exe
output.113110800.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!