× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3fe606ed585eb6bf5e184db85544138991d8967418c01f6a9d1841ed7a718469
File name: axo7.exe
Detection ratio: 14 / 68
Analysis date: 2017-11-27 01:32:13 UTC ( 1 year, 5 months ago ) View latest
Antivirus Result Update
AegisLab Worm.MSIL.Agent.lmXx 20171127
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9997 20171124
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cybereason malicious.fb20fb 20171103
Cylance Unsafe 20171127
Endgame malicious (high confidence) 20171024
ESET-NOD32 a variant of MSIL/Kryptik.LLL 20171126
Fortinet MSIL/Kryptik.LLL!tr 20171126
Ikarus Trojan.SuspectCRC 20171126
Sophos ML heuristic 20170914
Kaspersky HEUR:Trojan.Win32.Generic 20171127
Malwarebytes Spyware.AgentTesla.Generic 20171126
Sophos AV Mal/Kryptik-AX 20171127
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20171126
Ad-Aware 20171126
AhnLab-V3 20171126
Alibaba 20171124
ALYac 20171127
Antiy-AVL 20171127
Arcabit 20171127
Avast 20171127
Avast-Mobile 20171126
AVG 20171127
Avira (no cloud) 20171126
AVware 20171127
BitDefender 20171127
Bkav 20171124
CAT-QuickHeal 20171125
ClamAV 20171127
CMC 20171126
Comodo 20171126
Cyren 20171126
DrWeb 20171126
eGambit 20171127
Emsisoft 20171127
F-Prot 20171126
F-Secure 20171127
GData 20171126
Jiangmin 20171126
K7AntiVirus 20171124
K7GW 20171126
Kingsoft 20171127
MAX 20171126
McAfee 20171126
McAfee-GW-Edition 20171126
Microsoft 20171126
eScan 20171127
NANO-Antivirus 20171126
nProtect 20171126
Palo Alto Networks (Known Signatures) 20171127
Panda 20171126
Qihoo-360 20171127
Rising 20171127
SentinelOne (Static ML) 20171113
SUPERAntiSpyware 20171126
Symantec 20171126
Symantec Mobile Insight 20171124
Tencent 20171127
TheHacker 20171126
TotalDefense 20171126
TrendMicro 20171126
TrendMicro-HouseCall 20171127
Trustlook 20171127
VBA32 20171124
VIPRE 20171127
ViRobot 20171126
Webroot 20171127
WhiteArmor 20171104
Yandex 20171120
Zillya 20171124
Zoner 20171127
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c) Cytec Industries

Product Cytec Industries starter
Original name V4.exe
Internal name V4.exe
File version 0.5.14.4
Description Cytec Industries
Comments Cytec Industries Launcher
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-25 23:50:52
Entry Point 0x000F580E
Number of sections 3
.NET details
Module Version ID d52c2108-9b39-42af-ab4b-2786eb9faf88
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Cytec Industries Launcher

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.5.14.4

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Cytec Industries

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
103424

EntryPoint
0xf580e

OriginalFileName
V4.exe

MIMEType
application/octet-stream

LegalCopyright
(c) Cytec Industries

FileVersion
0.5.14.4

TimeStamp
2017:11:26 00:50:52+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
V4.exe

ProductVersion
0.5.14.4

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Cytec Industries Company

CodeSize
997888

ProductName
Cytec Industries starter

ProductVersionNumber
0.5.14.4

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
14.10.12.18

Compressed bundles
File identification
MD5 04f1689f91632dcd2132be2ff3aa1e12
SHA1 ef26027fb20fb30ad6a1fe6fcb571b60bdda0e71
SHA256 3fe606ed585eb6bf5e184db85544138991d8967418c01f6a9d1841ed7a718469
ssdeep
24576:OZd3xtaPsdc9EW9sFX4AyCWVcBqCfNuev+zxQe:OX3xtv6FV+Tyx

authentihash cabc23d76a2fc95d5e8a6cf3d6b706723e7e40655ba24d9e46b0aa0cf7439491
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.1 MB ( 1101824 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-11-27 01:32:13 UTC ( 1 year, 5 months ago )
Last submission 2018-01-17 09:21:32 UTC ( 1 year, 4 months ago )
File names axo7.exe
VirusShare_04f1689f91632dcd2132be2ff3aa1e12
V4.exe
1002-ef26027fb20fb30ad6a1fe6fcb571b60bdda0e71
ptm.exe
V4.exe
ptm.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!