SHA256: 337b42fedd413703f5911a982ac253fa5ab08d42b75061c1ac87b3dac3143628
File name: Afzfz6787.exe
Detection ratio: 49 / 66
Analysis date: 2017-10-15 12:37:25 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.MSIL.Agent.CUT 20171015
AegisLab Troj.W32.Generic!c 20171015
AhnLab-V3 Trojan/Win32.ADM.R204579 20171015
ALYac Trojan.MSIL.Agent.CUT 20171015
Arcabit Trojan.MSIL.Agent.CUT 20171015
Avast Win32:Adware-gen [Adw] 20171015
AVG Win32:Adware-gen [Adw] 20171015
Avira (no cloud) ADWARE/EoRezo.syyym 20171015
AVware Trojan.Win32.Generic!BT 20171015
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9981 20171013
BitDefender Trojan.MSIL.Agent.CUT 20171015
CAT-QuickHeal Trojan.Generic 20171014
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170804
Cylance Unsafe 20171015
Cyren W32/S-df4dae5e!Eldorado 20171015
DrWeb Adware.WizzMonetize.1 20171015
eGambit malicious_confidence_98% 20171015
Emsisoft Trojan.MSIL.Agent.CUT (B) 20171015
Endgame malicious (high confidence) 20170821
ESET-NOD32 a variant of MSIL/Kryptik.KOC 20171015
F-Prot W32/S-df4dae5e!Eldorado 20171015
F-Secure Trojan.MSIL.Agent.CUT 20171015
Fortinet MSIL/Kryptik.KZF!tr 20171015
Ikarus Trojan.MSIL.Crypt 20171015
Sophos ML heuristic 20170914
Jiangmin Trojan.Generic.blczu 20171015
K7AntiVirus Trojan ( 00514c561 ) 20171015
K7GW Trojan ( 00514c561 ) 20171015
Kaspersky HEUR:Trojan.Win32.Generic 20171015
MAX malware (ai score=100) 20171015
McAfee GenericRXCX-WR!F1AC47CE76A7 20171015
McAfee-GW-Edition BehavesLike.Win32.Generic.jh 20171015
eScan Trojan.MSIL.Agent.CUT 20171015
NANO-Antivirus Trojan.Win32.WizzMonetize.etkwfc 20171015
Palo Alto Networks (Known Signatures) generic.ml 20171015
Panda Trj/GdSda.A 20171015
Qihoo-360 Win32/Application.e82 20171015
Rising Trojan.MSIL/Kryptik!1.AD40 (CLASSIC) 20171015
SentinelOne (Static ML) static engine - malicious 20171001
Sophos AV Mal/Generic-S 20171015
SUPERAntiSpyware PUP.Tuto4PC/Variant 20171015
Symantec Trojan.Gen 20171014
Tencent Win32.Trojan.Generic.Ecka 20171015
TrendMicro TROJ_GEN.R002C0WJ617 20171015
TrendMicro-HouseCall TROJ_GEN.R002C0WJ617 20171015
VIPRE Trojan.Win32.Generic!BT 20171015
ViRobot Trojan.Win32.Z.Kryptik.668672.AD 20171015
Zillya Trojan.Kryptik.Win32.1270814 20171013
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20171015
Alibaba 20170911
Antiy-AVL 20171015
Avast-Mobile 20171015
Bkav 20171013
ClamAV 20171015
CMC 20171015
Comodo 20171015
Kingsoft 20171015
Malwarebytes 20171015
Microsoft 20171015
nProtect 20171015
Symantec Mobile Insight 20171011
TheHacker 20171013
TotalDefense 20171015
Trustlook 20171015
VBA32 20171013
Webroot 20171015
WhiteArmor 20170927
Yandex 20171013
Zoner 20171015
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1537

Product R4K93AGQ
Original name Afzfz6787.exe
Internal name Afzfz6787.exe
File version 1.2.3.3
Description R4K93
Comments R4K93AGQ
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-06 11:36:44
Entry Point 0x000A3CF2
Number of sections 3
.NET details
Module Version ID 862753a9-d78a-4b59-8072-857e8ad3de30
TypeLib ID f6d97387-b108-4dd9-9b1f-370b2e4bc694
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
Comments R4K93AGQ
LinkerVersion 48.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.2.3.3
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription R4K93
CharacterSet Unicode
InitializedDataSize 5120
EntryPoint 0xa3cf2
OriginalFileName Afzfz6787.exe
MIMEType application/octet-stream
LegalCopyright Copyright 1537
FileVersion 1.2.3.3
TimeStamp 2017:10:06 12:36:44+01:00
FileType Win32 EXE
PEType PE32
InternalName Afzfz6787.exe
ProductVersion 1.2.3.3
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName R4K93AGQB
CodeSize 663040
ProductName R4K93AGQ
ProductVersionNumber 1.2.3.3
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 2.4.0.0

File identification
MD5 f1ac47ce76a7f433c38867964f54e30f
SHA1 a830b001c1c4d8416fc828127cea98a5150e00df
SHA256 337b42fedd413703f5911a982ac253fa5ab08d42b75061c1ac87b3dac3143628
ssdeep 12288:GE5XAI+YwCjxuy3h5tZZdE2g9VLGY/tejVF1NY2FMUvKchJzMsrcX+k:ZKI+YwA5tZZdQ/6FTgSJzvwuk

authentihash 959fe7ac8dedd0b0ff2efb37db472523b50fe6397c56838b7a59b81690dd68c5
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 653.0 KB ( 668672 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (72.2%)
Windows screen saver (12.9%)
Win32 Dynamic Link Library (generic) (6.4%)
Win32 Executable (generic) (4.4%)
Generic Win/DOS Executable (1.9%)
Tags peexe assembly

VirusTotal metadata
First submission 2017-10-06 14:47:22 UTC ( 3 months, 2 weeks ago )
Last submission 2017-10-06 14:47:22 UTC ( 3 months, 2 weeks ago )
File names SRTV4UBTG.exe
Afzfz6787.exe
33BMJKGV0.exe