SHA256: 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
File name: b9f5bd514485fb06da39beff051b9fdc.vir
Detection ratio: 55 / 67
Analysis date: 2018-05-19 17:16:05 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.5196136 20180519
AegisLab Troj.Banker.Msil!c 20180519
AhnLab-V3 Trojan/Win32.Atmer.C206805 20180519
ALYac Backdoor.Ploutus 20180519
Antiy-AVL Trojan/Win32.SGeneric 20180519
Arcabit Trojan.Generic.D4F4968 20180519
Avast MSIL:Ploutus-A [Trj] 20180519
AVG MSIL:Ploutus-A [Trj] 20180519
Avira (no cloud) TR/Dropper.Gen 20180519
AVware Trojan.Win32.Generic!BT 20180519
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9729 20180518
BitDefender Trojan.GenericKD.5196136 20180519
Bkav W32.PloutusAtmer.Trojan 20180518
CAT-QuickHeal TrojanSpy.Ploutus.A3 20180519
CMC Trojan-Banker.MSIL.Atmer!O 20180519
Comodo UnclassifiedMalware 20180519
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180418
Cylance Unsafe 20180519
Cyren W32/Trojan.MOOR-8669 20180519
DrWeb Trojan.Ploutus.2 20180519
Emsisoft Trojan.Ploutus (A) 20180519
Endgame malicious (high confidence) 20180507
ESET-NOD32 MSIL/Ploutus.A 20180519
F-Secure Trojan.GenericKD.5196136 20180519
Fortinet MSIL/Ploutus.H!tr 20180519
GData Trojan.GenericKD.5196136 20180519
Ikarus Trojan.Msil 20180519
Sophos ML heuristic 20180503
Jiangmin Trojan/Banker.MSIL.ck 20180519
K7AntiVirus Trojan ( 0001140e1 ) 20180519
K7GW Trojan ( 0001140e1 ) 20180519
Kaspersky Backdoor.MSIL.Ploutus.h 20180519
MAX malware (ai score=100) 20180519
McAfee BackDoor-dispcash 20180519
McAfee-GW-Edition BackDoor-dispcash 20180519
Microsoft TrojanSpy:MSIL/Ploutus.A 20180519
eScan Trojan.GenericKD.5196136 20180519
NANO-Antivirus Trojan.Win32.Ploutus.ebwcau 20180519
nProtect Trojan-Spy/W32.Banker.39424.F 20180519
Panda Generic Malware 20180519
Qihoo-360 Trojan.Generic 20180519
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180519
Symantec Backdoor.Ploutus 20180518
Tencent Msil.Trojan-banker.Atmer.Pjnh 20180519
TheHacker Trojan/Ploutus.a 20180516
TrendMicro TROJ_PLOUTUS.A 20180519
TrendMicro-HouseCall TROJ_PLOUTUS.A 20180519
VBA32 Trojan.MSIL.Atmer 20180518
VIPRE Trojan.Win32.Generic!BT 20180519
ViRobot Trojan.Win32.Ploutus.39424 20180519
Webroot W32.Trojan.Gen 20180519
Yandex Trojan.PWS.Atmer! 20180518
Zillya Trojan.Atmer.Win32.2 20180519
ZoneAlarm by Check Point Backdoor.MSIL.Ploutus.h 20180519
Avast-Mobile 20180519
Babable 20180406
ClamAV 20180519
Cybereason None
eGambit 20180519
F-Prot 20180519
Kingsoft 20180519
Malwarebytes 20180519
Palo Alto Networks (Known Signatures) 20180519
Rising 20180519
SUPERAntiSpyware 20180519
Symantec Mobile Insight 20180518
TotalDefense 20180519
Trustlook 20180519
Zoner 20180518
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2013
Product PloutusService
Original name PloutusService.exe
Internal name PloutusService.exe
File version 1.0.0.0
Description PloutusService
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-26 13:54:34
Entry Point 0x0000AF9E
Number of sections 3
.NET details
Module Version ID 10db821d-8bf6-bc61-375f-e0714d34d6d1
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 2048
ImageVersion 0.0
ProductName PloutusService
FileVersionNumber 1.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription PloutusService
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension exe
OriginalFileName PloutusService.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.0.0.0
TimeStamp 2013:08:26 14:54:34+01:00
FileType Win32 EXE
PEType PE32
InternalName PloutusService.exe
ProductVersion 1.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright 2013
MachineType Intel 386 or later, and compatibles
CodeSize 36864
FileSubtype 0
ProductVersionNumber 1.0.0.0
EntryPoint 0xaf9e
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

File identification
MD5 b9f5bd514485fb06da39beff051b9fdc
SHA1 c72a2e50410475a51d897d29ffbbaf2103754d53
SHA256 34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
ssdeep 768:bfdUNCTWkjQqtyUe5kS0tyO3qEZvBRVHxjQTjGobh8dnc:bHykjHgUyhkqEjTRU3Gob0nc
authentihash 62009e03bb3e716cd869ecd73a55baf77748a310061330ee6938c9fd88cb3a88
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 38.5 KB ( 39424 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags peexe assembly
VirusTotal metadata
First submission 2013-09-02 15:35:42 UTC ( 5 years, 4 months ago )
Last submission 2018-05-19 17:16:05 UTC ( 8 months, 1 week ago )
File names PloutusService.exe.ADNNSS22FF-6682.56567e31-a992-48de-8f92-543aee9bb6cb
c72a2e50410475a51d897d29ffbbaf2103754d53_PloutusService.ex
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1.exe
aa
exe.ex
b9f5bd514485fb06da39beff051b9fdc.vir
uiwSYIK0EY.scr
nEkBz.xml
vti-rescan
ploutusservice.exe
b9f5bd514485fb06da39beff051b9fdc
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a2.exe
PloutusService.exe
plotus.exe
34acc4c0b61b5ce0b37c3589f97d1f23e6d84011a241e6f85683ee517ce786f1
b9f5bd514485fb06da39beff051b9fdc.exe
Advanced heuristic and reputation engines