SHA256: 33f54fe6208bdd2085ee0d3bcef0a3a6a1e8803f31185bd54a16110614deb218
File name: 14370a60e4ed1cec026362b8359d57da
Detection ratio: 41 / 68
Analysis date: 2018-12-25 02:39:10 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.232802 20181225
ALYac Gen:Variant.Zusy.232802 20181225
Antiy-AVL Trojan/Win32.Pynamer 20181225
Arcabit Trojan.Zusy.D38D62 20181225
Avast Win32:Malware-gen 20181225
AVG Win32:Malware-gen 20181225
Avira (no cloud) HEUR/AGEN.1024629 20181224
BitDefender Gen:Variant.Zusy.232802 20181224
CAT-QuickHeal Trojan.Pynamer 20181224
Comodo Malware@#27ygdvtfblf60 20181224
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20181022
Cybereason malicious.0e4ed1 20180225
Cylance Unsafe 20181225
Cyren W32/Trojan.RGCO-2956 20181224
Emsisoft Gen:Variant.Zusy.232802 (B) 20181224
Endgame malicious (moderate confidence) 20181108
ESET-NOD32 a variant of MSIL/TrojanClicker.Agent.NHW 20181225
F-Secure Gen:Variant.Zusy.232802 20181224
Fortinet MSIL/Agent.NHW!tr 20181224
GData Gen:Variant.Zusy.232802 20181224
Ikarus Trojan.MSIL.TrojanClicker 20181224
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 004c5cd01 ) 20181224
K7GW Trojan ( 004c5cd01 ) 20181224
Kaspersky UDS:DangerousObject.Multi.Generic 20181224
Malwarebytes Trojan.Clicker.MSIL 20181224
MAX malware (ai score=100) 20181225
McAfee GenericRXEY-BE!14370A60E4ED 20181225
McAfee-GW-Edition GenericRXEY-BE!14370A60E4ED 20181225
Microsoft Trojan:Win32/Pynamer.B!ac 20181225
eScan Gen:Variant.Zusy.232802 20181225
Palo Alto Networks (Known Signatures) generic.ml 20181225
Panda Trj/GdSda.A 20181224
Qihoo-360 HEUR/QVM03.0.5C5F.Malware.Gen 20181225
Rising Trojan.Clicker-Agent!8.13 (CLOUD) 20181225
Sophos AV Mal/Generic-S 20181225
Symantec ML.Attribute.HighConfidence 20181224
TrendMicro Mal_COINMINE2 20181225
VBA32 TScope.Trojan.MSIL 20181222
Zillya Trojan.Agent.Win32.1019708 20181222
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181225
Acronis 20181224
AegisLab 20181225
AhnLab-V3 20181224
Alibaba 20180921
Avast-Mobile 20181224
Babable 20180918
Baidu 20181207
Bkav 20181224
CMC 20181224
DrWeb 20181224
eGambit 20181225
F-Prot 20181224
Jiangmin 20181224
Kingsoft 20181225
NANO-Antivirus 20181225
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20181220
TACHYON 20181224
Tencent 20181225
TheHacker 20181220
TotalDefense 20181223
TrendMicro-HouseCall 20181225
Trustlook 20181225
ViRobot 20181225
Webroot 20181225
Yandex 20181223
Zoner 20181225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft 2014

Product RedirectAds
Original name RedirectAds.exe
Internal name RedirectAds.exe
File version 1.0.0.131
Description RedirectAds
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-21 05:44:25
Entry Point 0x00046A1E
Number of sections 3
.NET details
Module Version ID 3fe36810-d77b-4aba-9cee-40685ea39e0d
TypeLib ID bba2ff31-d614-479f-b70d-e5a3cf69073b
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
4608

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.131

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
RedirectAds

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
11.0

EntryPoint
0x46a1e

OriginalFileName
RedirectAds.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2014

FileVersion
1.0.0.131

TimeStamp
2018:11:21 06:44:25+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
RedirectAds.exe

ProductVersion
1.0.0.131

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
281600

ProductName
RedirectAds

ProductVersionNumber
1.0.0.131

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.131

File identification
MD5 14370a60e4ed1cec026362b8359d57da
SHA1 1da904a484c88365c3875b362c778e970b6b1912
SHA256 33f54fe6208bdd2085ee0d3bcef0a3a6a1e8803f31185bd54a16110614deb218
ssdeep
6144:Gj4zngSFtMHPyUaw8qwPMRdDoEd5z5Qg3NdkYtF0+:Gj4zgSFmP9x8qwPMXDb5z5Qg3NdkwFx

authentihash 6354db8d4fd96813c8a80830320a9fa29c03b814885de1d68f61eed0e8ac5ecd
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 280.0 KB ( 286720 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (55.8%)
Win64 Executable (generic) (21.0%)
Windows screen saver (9.9%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-11-21 16:54:09 UTC ( 3 months ago )
Last submission 2018-12-21 22:57:15 UTC ( 2 months ago )
File names 14370a60e4ed1cec026362b8359d57da
redirectads.exe
RedirectAds.exe