SHA256: 3af18232a9175dea624a7947e6edef6a57457bdf6d3ba0ead58856a139db2832
File name: xfs_extension.exe
Detection ratio: 19 / 55
Analysis date: 2017-01-18 08:02:20 UTC (9 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.119829 20170118
AegisLab Gen.Variant.Razy!c 20170118
Arcabit Trojan.Razy.D1D415 20170118
Avast Win32:Malware-gen 20170118
AVG Ransomer.MTD 20170118
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9918 20170118
BitDefender Gen:Variant.Razy.119829 20170118
CrowdStrike Falcon (ML) malicious_confidence_77% (W) 20161024
Emsisoft Gen:Variant.Razy.119829 (B) 20170118
F-Secure Gen:Variant.Razy.119829 20170118
GData Gen:Variant.Razy.119829 20170118
Sophos ML trojan.win32.gupboot.b 20170111
McAfee-GW-Edition BehavesLike.Win32.Downloader.fc 20170118
eScan Gen:Variant.Razy.119829 20170118
Qihoo-360 HEUR/QVM11.1.0000.Malware.Gen 20170118
Rising Malware.Obscure/Heur!1.9E03 (classic) 20170118
Symantec ML.Relationship.HighConfidence [Trojan.Gen.2] 20170117
TrendMicro Ransom_HPLOCKY.SM4 20170118
TrendMicro-HouseCall Ransom_HPLOCKY.SM4 20170118
AhnLab-V3 20170117
Alibaba 20170118
ALYac 20170118
Antiy-AVL 20170118
Avira (no cloud) 20170118
AVware 20170118
CAT-QuickHeal 20170118
ClamAV 20170118
CMC 20170118
Comodo 20170118
Cyren 20170118
DrWeb 20170118
ESET-NOD32 20170118
F-Prot 20170118
Fortinet 20170118
Ikarus 20170117
Jiangmin 20170118
K7AntiVirus 20170118
K7GW 20170118
Kaspersky 20170118
Kingsoft 20170118
Malwarebytes 20170118
McAfee 20170118
Microsoft 20170118
NANO-Antivirus 20170117
nProtect 20170118
Panda 20170117
Sophos AV 20170118
SUPERAntiSpyware 20170118
Tencent 20170118
TheHacker 20170117
Trustlook 20170118
VBA32 20170117
VIPRE 20170118
ViRobot 20170118
WhiteArmor 20170117
Yandex 20170117
Zillya 20170117
Zoner 20170118
File identification
MD5 4da11c829f8fea1b690f317837af8387
SHA1 00c6ce1031f88b5276a5335e68fba663e769dadd
SHA256 3af18232a9175dea624a7947e6edef6a57457bdf6d3ba0ead58856a139db2832
ssdeep 6144:FTxtYFLPUV+Go1wAOEKjhGSL+IolFXeqaBfRbzqbWO0sLma++3JBsj6At:FELP4+GC58GSLbolFXbaPabWORl+Us

authentihash e02491c7f524a531e5474db5ee8b621374e7b5fafd34c8b4198359ce5e00360d
File size 345.4 KB ( 353725 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID UPX compressed Win32 Executable (39.3%)
Win32 EXE Yoda's Crypter (38.6%)
Win32 Dynamic Link Library (generic) (9.5%)
Win32 Executable (generic) (6.5%)
Generic Win/DOS Executable (2.9%)
Tags peexe upx

VirusTotal metadata
First submission 2017-01-18 05:42:48 UTC ( 9 months ago )
Last submission 2017-08-19 02:21:19 UTC ( 2 months ago )
File names 3af18232a9175dea624a7947e6edef6a57457bdf6d3ba0ead58856a139db2832
xfs_extension.ex_
xfs_extension_2.exe
3af18232a9175dea624a7947e6edef6a57457bdf6d3ba0ead58856a139db2832.ex_
xfs_extension.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications