SHA256: 387429e2f35a0d358302f08c46fee0fe857596786f773cf654eef8c6d2b63583
File name: Bank_Account_Summary.exe
Detection ratio: 47 / 68
Analysis date: 2018-09-25 02:58:42 UTC ( 3 weeks, 6 days ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.5062841 20180925
AegisLab Trojan.Win32.Generic.4!c 20180925
AhnLab-V3 Malware/Win32.Generic.C1367867 20180924
ALYac Trojan.GenericKD.5062841 20180925
Antiy-AVL Trojan/Win32.TSGeneric 20180925
Arcabit Trojan.Generic.D4D40B9 20180925
Avast Win32:Malware-gen 20180925
AVG Win32:Malware-gen 20180925
Avira (no cloud) HEUR/AGEN.1016243 20180924
AVware Trojan.Win32.Generic.pak!cobra 20180925
BitDefender Trojan.GenericKD.5062841 20180925
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20180723
Cybereason malicious.2e33bc 20180225
Cylance Unsafe 20180925
Cyren W32/Trojan.MNUE-1316 20180925
DrWeb Trojan.Encoder.4330 20180925
Emsisoft Trojan.GenericKD.5062841 (B) 20180925
Endgame malicious (moderate confidence) 20180730
ESET-NOD32 a variant of MSIL/Filecoder.AK 20180925
F-Secure Trojan.GenericKD.5062841 20180924
Fortinet MSIL/Filecoder.Y!tr 20180925
GData MSIL.Trojan-Ransom.Cryptear.R 20180925
Ikarus Trojan.MSIL.Filecoder 20180924
Jiangmin Trojan.Generic.bnniw 20180924
K7AntiVirus Trojan ( 004de29f1 ) 20180924
K7GW Trojan ( 004de29f1 ) 20180924
Kaspersky Trojan-Ransom.Win32.Crypmodadv.vpe 20180925
MAX malware (ai score=100) 20180925
McAfee Ransomware-FTD!49D53752E33B 20180925
McAfee-GW-Edition Ransomware-FTD!49D53752E33B 20180925
Microsoft Trojan:Win32/Dynamer!ac 20180925
eScan Trojan.GenericKD.5062841 20180925
NANO-Antivirus Trojan.Win32.MlwGen.ebcumh 20180925
Panda Trj/GdSda.A 20180924
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20180925
Rising Ransom.Crypmodadv!8.291 (CLOUD) 20180925
SentinelOne (Static ML) static engine - malicious 20180830
Sophos AV Troj/Cryptear-A 20180925
Symantec Trojan.Bleagle 20180925
Tencent Win32.Trojan.Crypmodadv.Pgdh 20180925
TrendMicro Ransom_Crypmodadv.R002C0OIO18 20180925
TrendMicro-HouseCall Ransom_Crypmodadv.R002C0OIO18 20180925
VBA32 Hoax.Crypmodadv 20180924
VIPRE Trojan.Win32.Generic.pak!cobra 20180925
Yandex Trojan.Crypmodadv! 20180924
Zillya Trojan.Filecoder.Win32.2122 20180924
ZoneAlarm by Check Point Trojan-Ransom.Win32.Crypmodadv.vpe 20180925
Alibaba 20180921
Avast-Mobile 20180924
Babable 20180918
Baidu 20180914
Bkav 20180924
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180924
Comodo 20180925
eGambit 20180925
F-Prot 20180925
Sophos ML 20180717
Kingsoft 20180925
Malwarebytes 20180925
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180925
TheHacker 20180924
TotalDefense 20180924
Trustlook 20180925
ViRobot 20180924
Webroot 20180925
Zoner 20180924
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2016
Product WindowsFormsApplication1
Original name Bank_Account_Summary.exe
Internal name Bank_Account_Summary.exe
File version 1.0.0.0
Description WindowsFormsApplication1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-14 10:03:47
Entry Point 0x004A2EE2
Number of sections 3
.NET details
Module Version ID f5f0abb6-0deb-4466-b855-c304118f729a
TypeLib ID 0d6fd9f8-7cbe-4048-b453-7ffdebbaee15
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 48.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription WindowsFormsApplication1
ImageFileCharacteristics Executable, Large address aware
CharacterSet Unicode
InitializedDataSize 12288
EntryPoint 0x4a2ee2
OriginalFileName Bank_Account_Summary.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2016
FileVersion 1.0.0.0
TimeStamp 2016:03:14 11:03:47+01:00
FileType Win32 EXE
PEType PE32
InternalName Bank_Account_Summary.exe
ProductVersion 1.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 4853760
ProductName WindowsFormsApplication1
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0
File identification
MD5 49d53752e33bc859c1a4cfa6eb2ce3cd
SHA1 d70199063ce435bfc59a5ffafe774b3c5e2efc1e
SHA256 387429e2f35a0d358302f08c46fee0fe857596786f773cf654eef8c6d2b63583
ssdeep 24576:1kg5bIZebKXFQGQw+5B+HebKXUw+5B+Hy7mSd:1kg5bIZzgw+5B+H2w+5B+Hi
authentihash 06748d8672ce66d0ca842a38634cfb10ca8924e528ce0ab5004fc767ddd1d80b
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 4.6 MB ( 4866560 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags peexe assembly
VirusTotal metadata
First submission 2016-03-16 04:29:15 UTC ( 2 years, 7 months ago )
Last submission 2018-09-25 02:58:42 UTC ( 3 weeks, 6 days ago )
File names Bank_Account_Summary.exe
Bank_Account_Summary.pdf.exe
387429e2f35a0d358302f08c46fee0fe857596786f773cf654eef8c6d2b63583.bin
387429e2f35a0d358302f08c46fee0fe857596786f773cf654eef8c6d2b63583.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R00XC0VCV16.
