× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
File name: 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1.exe
Detection ratio: 42 / 56
Analysis date: 2016-04-28 09:55:17 UTC ( 2 months, 4 weeks ago )
Antivirus Result Update
AVware Trojan.Win32.Generic!BT 20160428
Ad-Aware Gen:Variant.Razy.26856 20160428
AhnLab-V3 Trojan/Win32.Atmer 20160428
Arcabit Trojan.Razy.D68E8 20160428
Avira (no cloud) TR/Dropper.Gen 20160428
Baidu Win32.Trojan.WisdomEyes.151026.9950.9961 20160428
Baidu-International Trojan.Win32.Banker.a 20160427
BitDefender Gen:Variant.Razy.26856 20160428
Bkav W32.PloutusAtmer.Trojan 20160427
CAT-QuickHeal TrojanSpy.Ploutus.A3 20160428
CMC Trojan-Banker.MSIL.Atmer!O 20160428
Comodo UnclassifiedMalware 20160428
DrWeb Trojan.Ploutus.2 20160428
ESET-NOD32 MSIL/Ploutus.A 20160428
Emsisoft Gen:Variant.Razy.26856 (B) 20160428
F-Secure Gen:Variant.Razy.26856 20160428
Fortinet W32/Atmer.A!tr 20160428
GData Gen:Variant.Razy.26856 20160428
Ikarus Trojan.Banker.Plutus 20160428
Jiangmin Trojan/Banker.MSIL.ck 20160428
K7AntiVirus Trojan ( 0001140e1 ) 20160428
K7GW Trojan ( 0001140e1 ) 20160428
Kaspersky Trojan-Banker.MSIL.Atmer.a 20160427
Kingsoft Win32.Troj.Banker.(kcloud) 20160428
Malwarebytes Backdoor.Bot 20160428
McAfee BackDoor-dispcash 20160428
McAfee-GW-Edition BehavesLike.Win32.Backdoor.nc 20160428
eScan Gen:Variant.Razy.26856 20160428
Microsoft TrojanSpy:MSIL/Ploutus.A 20160428
Panda Generic Malware 20160427
Qihoo-360 Trojan.Generic 20160428
Rising Trojan.Confuser!1.A352 20160428
Sophos Mal/Generic-S 20160428
Symantec Backdoor.Ploutus 20160428
Tencent Msil.Trojan-banker.Atmer.Pjnh 20160428
TheHacker Trojan/Ploutus.a 20160426
VBA32 Trojan.MSIL.Atmer 20160427
VIPRE Trojan.Win32.Generic!BT 20160428
ViRobot Trojan.Win32.Ploutus.39424[h] 20160428
Yandex Trojan.PWS.Atmer! 20160427
Zillya Trojan.Atmer.Win32.2 20160428
nProtect Trojan-Spy/W32.Banker.39424.F 20160428
ALYac 20160428
AVG 20160428
AegisLab 20160428
Alibaba 20160428
Antiy-AVL 20160428
Avast 20160428
ClamAV 20160427
Cyren 20160428
F-Prot 20160428
NANO-Antivirus 20160428
SUPERAntiSpyware 20160428
TrendMicro 20160428
TrendMicro-HouseCall 20160428
Zoner 20160428
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013

Product PloutusService
Original name PloutusService.exe
Internal name PloutusService.exe
File version 1.0.0.0
Description PloutusService
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-26 13:54:34
Entry Point 0x0000AF9E
Number of sections 3
.NET details
Module Version ID 10db821d-8bf6-bc61-375f-e0714d34d6d1
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
2048

EntryPoint
0xaf9e

OriginalFileName
PloutusService.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013

FileVersion
1.0.0.0

TimeStamp
2013:08:26 14:54:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PloutusService.exe

ProductVersion
1.0.0.0

FileDescription
PloutusService

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
36864

ProductName
PloutusService

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 b9f5bd514485fb06da39beff051b9fdc
SHA1 c72a2e50410475a51d897d29ffbbaf2103754d53
SHA256 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
ssdeep
768:bfdUNCTWkjQqtyUe5kS0tyO3qEZvBRVHxjQTjGobh8dnc:bHykjHgUyhkqEjTRU3Gob0nc

authentihash 62009e03bb3e716cd869ecd73a55baf77748a310061330ee6938c9fd88cb3a88
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 38.5 KB ( 39424 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2013-09-02 15:35:42 UTC ( 2 years, 10 months ago )
Last submission 2016-04-28 09:55:17 UTC ( 2 months, 4 weeks ago )
File names PloutusService.exe.ADNNSS22FF-6682.56567e31-a992-48de-8f92-543aee9bb6cb
c72a2e50410475a51d897d29ffbbaf2103754d53_PloutusService.ex
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1.exe
PloutusService.exe
vti-rescan
exe.ex
b9f5bd514485fb06da39beff051b9fdc
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a2.exe
ploutusservice.exe
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
b9f5bd514485fb06da39beff051b9fdc.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!