SHA256: 41d2c42ac8371a14bf49c335c1b46af0993cfa2a0f210d757821808d085b9926
File name: FAX-1400166434-707348006719-154.zip
Detection ratio: 6 / 55
Analysis date: 2015-07-17 11:39:29 UTC ( 3 years, 10 months ago )
Antivirus Result Update
AVware Trojan.Win32.Upatre.buu (v) 20150717
F-Secure Trojan-Downloader:W32/Kavala.B 20150716
K7AntiVirus Trojan ( 7000000c1 ) 20150717
Qihoo-360 HEUR/QVM09.0.Malware.Gen 20150717
Sophos AV Mal/DrodZp-A 20150717
VIPRE Trojan.Win32.Upatre.buu (v) 20150717
Ad-Aware 20150717
AegisLab 20150717
Yandex 20150717
AhnLab-V3 20150717
Alibaba 20150717
ALYac 20150717
Antiy-AVL 20150717
Arcabit 20150717
Avast 20150717
AVG 20150717
Avira (no cloud) 20150717
Baidu-International 20150717
BitDefender 20150717
Bkav 20150717
ByteHero 20150717
CAT-QuickHeal 20150717
ClamAV 20150716
Comodo 20150717
Cyren 20150717
DrWeb 20150717
Emsisoft 20150717
ESET-NOD32 20150717
F-Prot 20150717
Fortinet 20150717
GData 20150717
Ikarus 20150717
Jiangmin 20150716
K7GW 20150717
Kaspersky 20150717
Kingsoft 20150717
Malwarebytes 20150717
McAfee 20150717
McAfee-GW-Edition 20150716
Microsoft 20150717
eScan 20150717
NANO-Antivirus 20150717
nProtect 20150717
Panda 20150717
Rising 20150713
SUPERAntiSpyware 20150717
Symantec 20150717
Tencent 20150717
TheHacker 20150713
TrendMicro 20150717
TrendMicro-HouseCall 20150717
VBA32 20150717
ViRobot 20150717
Zillya 20150717
Zoner 20150717
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 1
Uncompressed size: 78848
Highest datetime: 2015-07-17 02:15:14
Lowest datetime: 2015-07-17 02:15:14
Contained files by extension
scr: 1
Contained files by type
Portable Executable: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0x439f6c4f
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 78848
ZipCompressedSize: 41304
FileTypeExtension: zip
ZipFileName: FAX-1400166434-707348006719-154.scr
ZipBitFlag: 0
ZipModifyDate: 2015:07:17 02:15:07

File identification
MD5 777ea29053d4e3e4eeb5689523a5ed11
SHA1 b8fa97e394dd0f687cd2081dd60d298bcf562305
SHA256 41d2c42ac8371a14bf49c335c1b46af0993cfa2a0f210d757821808d085b9926
ssdeep 768:G+4EgvXTPFLNjka63UDIcINb4vSjxnWcxyt2Il3iUY+KkwxplOIDMT6We1KtuM6J:Gx/zqFNb4qjxWcMDl3iUJKkwmIDAUy5u
File size 40.5 KB ( 41472 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (100.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2015-07-17 10:01:04 UTC ( 3 years, 10 months ago )
Last submission 2017-12-14 16:09:58 UTC ( 1 year, 5 months ago )
File names FAX-1400166434-707348006719-154.zip
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0717.

Symantec reputation Suspicious.Insight