× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
File name: vti-rescan
Detection ratio: 43 / 57
Analysis date: 2015-01-30 10:51:33 UTC ( 5 months ago )
Antivirus Result Update
ALYac Backdoor.Ploutus 20150130
AVG Generic35.FLD 20150130
AVware Trojan.Win32.Generic!BT 20150130
Ad-Aware Gen:Variant.Kazy.168067 20150130
Agnitum Trojan.PWS.Atmer! 20150129
AhnLab-V3 Trojan/Win32.Atmer 20150130
Avast MSIL:Ploutus-A [Trj] 20150130
Avira TR/Dropper.Gen 20150130
Baidu-International Trojan.Win32.Banker.AAXH 20150130
BitDefender Gen:Variant.Kazy.168067 20150130
Bkav W32.PloutusAtmer.Trojan 20150129
CAT-QuickHeal TrojanSpy.Ploutus.A3 20150130
CMC Trojan-Banker.MSIL.Atmer!O 20150129
Comodo UnclassifiedMalware 20150130
DrWeb Trojan.Ploutus.2 20150130
ESET-NOD32 MSIL/Ploutus.A 20150130
Emsisoft Gen:Variant.Kazy.168067 (B) 20150130
F-Secure Gen:Variant.Kazy.168067 20150130
Fortinet W32/Atmer.A!tr 20150130
GData Gen:Variant.Kazy.168067 20150130
Ikarus Trojan.Banker.Plutus 20150130
Jiangmin Trojan/Banker.MSIL.ds 20150129
K7AntiVirus Trojan ( 0001140e1 ) 20150130
K7GW Trojan ( 0001140e1 ) 20150130
Kaspersky Trojan-Banker.MSIL.Atmer.a 20150130
Kingsoft Win32.Troj.Banker.(kcloud) 20150130
Malwarebytes Backdoor.Bot 20150130
McAfee BackDoor-dispcash 20150130
McAfee-GW-Edition BehavesLike.Win32.Backdoor.nc 20150130
MicroWorld-eScan Gen:Variant.Kazy.168067 20150130
Microsoft TrojanSpy:MSIL/Ploutus.A 20150130
Norman Obfuscated.gen!r 20150130
Qihoo-360 Trojan.Generic 20150130
Sophos Mal/Generic-S 20150130
Symantec Backdoor.Ploutus 20150130
Tencent Msil.Trojan-banker.Atmer.Pjnh 20150130
TheHacker Trojan/Ploutus.a 20150129
TrendMicro TROJ_PLOUTUS.A 20150130
TrendMicro-HouseCall TROJ_PLOUTUS.A 20150130
VBA32 Trojan.MSIL.Atmer 20150129
VIPRE Trojan.Win32.Generic!BT 20150130
ViRobot Trojan.Win32.Ploutus.39424[h] 20150130
nProtect Trojan-Spy/W32.Banker.39424.F 20150130
AegisLab 20150130
Alibaba 20150129
Antiy-AVL 20150130
ByteHero 20150130
ClamAV 20150130
Cyren 20150130
F-Prot 20150130
NANO-Antivirus 20150130
Panda 20150130
Rising 20150129
SUPERAntiSpyware 20150130
TotalDefense 20150129
Zillya 20150129
Zoner 20150130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
Copyright © 2013

Product PloutusService
Original name PloutusService.exe
Internal name PloutusService.exe
File version 1.0.0.0
Description PloutusService
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-26 13:54:34
Link date 2:54 PM 8/26/2013
Entry Point 0x0000AF9E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
2048

ImageVersion
0.0

ProductName
PloutusService

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
8.0

OriginalFilename
PloutusService.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2013:08:26 14:54:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PloutusService.exe

FileAccessDate
2015:01:30 11:51:44+01:00

ProductVersion
1.0.0.0

FileDescription
PloutusService

OSVersion
4.0

FileCreateDate
2015:01:30 11:51:44+01:00

FileOS
Win32

LegalCopyright
Copyright 2013

MachineType
Intel 386 or later, and compatibles

CodeSize
36864

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0xaf9e

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 b9f5bd514485fb06da39beff051b9fdc
SHA1 c72a2e50410475a51d897d29ffbbaf2103754d53
SHA256 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
ssdeep
768:bfdUNCTWkjQqtyUe5kS0tyO3qEZvBRVHxjQTjGobh8dnc:bHykjHgUyhkqEjTRU3Gob0nc

authentihash 62009e03bb3e716cd869ecd73a55baf77748a310061330ee6938c9fd88cb3a88
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 38.5 KB ( 39424 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2013-09-02 15:35:42 UTC ( 1 year, 10 months ago )
Last submission 2015-01-30 10:51:33 UTC ( 5 months ago )
File names PloutusService.exe.ADNNSS22FF-6682.56567e31-a992-48de-8f92-543aee9bb6cb
c72a2e50410475a51d897d29ffbbaf2103754d53_PloutusService.ex
PloutusService.exe
vti-rescan
exe.ex
b9f5bd514485fb06da39beff051b9fdc
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a2.exe
ploutusservice.exe
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
b9f5bd514485fb06da39beff051b9fdc.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!