× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 371795e59a1b3b820f50a6488b2b7900156131f40f61c88ab82879a5d1bc80ed
File name: wirelesskeyview.zip
Detection ratio: 19 / 42
Analysis date: 2012-04-16 06:11:05 UTC ( 7 years, 1 month ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.HDC 20120415
AntiVir APPL/Agent.48640.5 20120416
AVG HackTool.QTH 20120415
BitDefender Gen:Application.Heur.cmKfbO4FRnmO 20120416
Commtouch W32/Pwstool.K 20120415
DrWeb Tool.WirelessKeyView 20120416
F-Prot W32/Pwstool.K 20120415
F-Secure Gen:Application.Heur.cmKfbO4FRnmO 20120416
Fortinet Riskware/PassView 20120416
GData Gen:Application.Heur.cmKfbO4FRnmO 20120416
K7AntiVirus Unwanted-Program 20120414
McAfee Tool-PassView 20120416
NOD32 a variant of Win32/WirelessKeyView.A 20120416
nProtect Gen:Application.Heur.cmKfbO4FRnmO 20120415
Rising Trojan.Win32.Generic.12A6C881 20120413
Sophos AV NirSoft 20120416
TrendMicro HKTL_PASSVIEW 20120416
TrendMicro-HouseCall HKTL_PASSVIEW 20120416
VIPRE Nirsoft Password Recovery (not malicious) 20120416
Antiy-AVL 20120416
Avast 20120415
ByteHero 20120413
CAT-QuickHeal 20120416
ClamAV 20120416
Comodo 20120416
Emsisoft 20120416
eSafe 20120415
eTrust-Vet 20120413
Ikarus 20120416
Jiangmin 20120416
Kaspersky 20120416
McAfee-GW-Edition 20120415
Microsoft 20120416
Norman 20120415
Panda 20120415
PCTools 20120416
SUPERAntiSpyware 20120402
Symantec 20120416
TheHacker 20120416
VBA32 20120416
ViRobot 20120416
VirusBuster 20120415
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
3
Uncompressed size
76201
Highest datetime
2011-09-12 18:51:44
Lowest datetime
2011-09-12 18:44:18
Contained files by extension
txt
1
chm
1
exe
1
Contained files by type
unknown
2
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x68c6dba5

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
48640

ZipCompressedSize
41318

FileTypeExtension
zip

ZipFileName
WirelessKeyView.exe

ZipBitFlag
0x0002

ZipModifyDate
2011:09:12 18:44:18

Compressed bundles
File identification
MD5 2086248be91d5f97c4df148d410b7b54
SHA1 f23f6595782034812f873cb2f4443c9aa42a72cd
SHA256 371795e59a1b3b820f50a6488b2b7900156131f40f61c88ab82879a5d1bc80ed
ssdeep
1536:e3516gaNgL1pVfOXl8p3KXbIioQyL5K0Uswqv06dLvr0V:ep8gaNG1yXqpaIL5K0ps6VvwV

File size 53.2 KB ( 54473 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip upx via-tor

VirusTotal metadata
First submission 2011-09-13 04:10:05 UTC ( 7 years, 8 months ago )
Last submission 2018-09-30 10:03:32 UTC ( 7 months, 4 weeks ago )
File names wirelesskeyview-1.36.zip
wirelesskeyview-1-36-es-en-win.zip
WirelessKeyView.zip
file-2950746_zip
wirelesskeyview (2).zip
wirelesskeyview1.36.zip
wirelesskeyview.zip?token=1329455228_fb92dc2da57293748b4085d5964833c6
2220360
wirelesskeyview.zip
2086248be91d5f97c4df148d410b7b54
3694-wirelesskey.zip
output.19868783.txt
wirelesskeyview.zip
19868783
f_00014a.VIRUS
output.2220360.txt
dnaZRkiC.zip.part
wirelesskeyview (1).zip
swirelesskeyview.zip
wirelesskeyview.zip?token=1335587602_539670ec7b8f9dbffd0fe984fea453a6
wirelesskeyview.zip?token=1332265978_f78f7b6
wirelesskeyview.zip?token=1332265978_f78f7b620ec1ec26120fa11b28b4c600&lop=link
6972168d98c33540474c7991a16765b03a6aaff48099a24a7b779edfdb85d601d577e3b3ec07dcd10e680124fd5eca2a349f2c8c567add6629d7985acda711d2
wireless.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Sophos
Possibly Unwanted Application labelled as NirSoft. This is a term used to describe applications that, while not malicious, are generally considered unsuitable for business networks. More details about Sophos PUA classifications can be found at: https://www.sophos.com/en-us/support/knowledgebase/14887.aspx .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!