× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 32132ca8f421b8e47ec2d6aeef18d2f1c713fa2a5bd913298b91ce3297b1f56d
File name: a3fa66efdd5aaf0d190e5925fff1000e51ed5106
Detection ratio: 47 / 63
Analysis date: 2018-06-16 10:05:09 UTC ( 4 months, 1 week ago )
Antivirus Result Update
AegisLab Troj.W32.naKocTb.tnB5 20180616
AhnLab-V3 Trojan/Win32.naKocTb.C1575888 20180615
ALYac Trojan.PWS.ZKD 20180616
Antiy-AVL Trojan/Win32.SGeneric 20180616
Arcabit Trojan.PWS.ZKD 20180616
Avast Win32:LokiBot-A [Trj] 20180616
AVG Win32:LokiBot-A [Trj] 20180616
Avira (no cloud) TR/Crypt.XPACK.Gen 20180615
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9723 20180615
BitDefender Trojan.PWS.ZKD 20180616
Bkav W32.TasumisCAK.Trojan 20180616
CAT-QuickHeal Trojan.Zenshirsh.SL7 20180615
ClamAV Win.Trojan.naKocTb-6331389-1 20180616
Cylance Unsafe 20180616
Cyren W32/Trojan.LAPN-1109 20180616
DrWeb Trojan.PWS.Stealer.23680 20180616
Emsisoft Trojan-PSW.Fareit (A) 20180616
ESET-NOD32 Win32/PSW.Fareit.L 20180616
F-Prot W32/Trojan2.PBTA 20180616
F-Secure Trojan.PWS.ZKD 20180616
Fortinet W32/Generic.AP.BA928!tr 20180616
GData Trojan.PWS.ZKD 20180616
Ikarus Trojan-Spy.LokiBot 20180616
Sophos ML heuristic 20180601
Jiangmin Trojan.naKocTb.l 20180616
K7AntiVirus Password-Stealer ( 004d5a661 ) 20180616
K7GW Password-Stealer ( 004d5a661 ) 20180616
Kaspersky Trojan.Win32.Agentb.bvrg 20180616
Malwarebytes Spyware.LokiBot 20180616
MAX malware (ai score=99) 20180616
McAfee GenericRXCL-KZ!460F9E877AFA 20180616
McAfee-GW-Edition BehavesLike.Generic.qc 20180616
Microsoft PWS:Win32/Dyzap.X 20180616
NANO-Antivirus Trojan.Win32.Stealer.eshrhl 20180616
Panda Trj/GdSda.A 20180616
Qihoo-360 Win32/Trojan.BO.68d 20180616
Sophos AV Troj/Fareit-CHG 20180616
Symantec Trojan.Gen.NPE 20180615
Tencent Win32.Trojan.Agentb.Szlw 20180616
TheHacker Trojan/Fareit.l 20180613
TrendMicro TSPY_LOKI.SMA 20180616
TrendMicro-HouseCall TSPY_LOKI.SMA 20180616
VBA32 Trojan.naKocTb 20180615
ViRobot Trojan.Win32.Agent.106496.HD 20180616
Zillya Trojan.naKocTb.Win32.12 20180615
ZoneAlarm by Check Point Trojan.Win32.Agentb.bvrg 20180616
Zoner Trojan.Nakoctb 20180615
Ad-Aware 20180616
Alibaba 20180615
Avast-Mobile 20180616
AVware 20180616
Babable 20180406
CMC 20180615
Comodo 20180616
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
eGambit 20180616
Endgame 20180612
Kingsoft 20180616
eScan 20180616
Palo Alto Networks (Known Signatures) 20180616
Rising 20180616
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180616
Symantec Mobile Insight 20180614
TACHYON 20180616
TotalDefense 20180616
Trustlook 20180616
VIPRE 20180616
Webroot 20180616
Yandex 20180615
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
106496
Highest datetime
2016-11-14 12:42:40
Lowest datetime
2016-11-14 12:42:40
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x0b255132

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
106496

ZipCompressedSize
52045

FileTypeExtension
zip

ZipFileName
build.exe

ZipBitFlag
0

ZipModifyDate
2016:11:14 12:42:40

File identification
MD5 5f88e61c806e958850cf75adf201126a
SHA1 ef2193883e954154a8a66f0ef5fe417e8df5f9f5
SHA256 32132ca8f421b8e47ec2d6aeef18d2f1c713fa2a5bd913298b91ce3297b1f56d
ssdeep
1536:fN0nO6FiV3cojZxeg5KjnkQDc7avGeCUlu:fUF+3cMTn5Qz3PE

File size 51.0 KB ( 52197 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2018-06-15 08:37:29 UTC ( 4 months, 1 week ago )
Last submission 2018-06-16 10:05:09 UTC ( 4 months, 1 week ago )
File names a3fa66efdd5aaf0d190e5925fff1000e51ed5106
build.zip
build.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!