× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4251f5e8137800a0bbd9667552e62a8d216ac76969873af6ace3d6c5ac76e3eb
File name: coco.exe
Detection ratio: 46 / 66
Analysis date: 2018-10-20 14:38:21 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Trojan.Heur.FU.keX@aCnatvg 20181020
AhnLab-V3 Trojan/Win32.Agent.C2420198 20181020
Arcabit Trojan.Heur.FU.EF8AB8 20181020
Avast Win32:Trojan-gen 20181020
AVG Win32:Trojan-gen 20181020
Avira (no cloud) TR/Crypt.ZPACK.Gen 20181020
BitDefender Gen:Trojan.Heur.FU.keX@aCnatvg 20181020
Bkav W32.eHeur.Virus02 20181019
CAT-QuickHeal Trojan.GenericPMF.S2589827 20181020
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.9e9903 20180225
Cylance Unsafe 20181020
Cyren W32/Formbook.A.gen!Eldorado 20181020
DrWeb Trojan.Inject1.54688 20181020
Emsisoft Gen:Trojan.Heur.FU.keX@aCnatvg (B) 20181020
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Formbook.AA 20181020
F-Prot W32/Formbook.A.gen!Eldorado 20181020
F-Secure Gen:Trojan.Heur.FU.keX@aCnatvg 20181020
Fortinet W32/GenKryptik.AYEB!tr 20181020
GData Gen:Trojan.Heur.FU.keX@aCnatvg 20181020
Ikarus Trojan-Spy.FormBook 20181020
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 00536d121 ) 20181020
K7GW Trojan ( 00536d121 ) 20181020
Kaspersky HEUR:Trojan.Win32.Generic 20181020
Malwarebytes Trojan.Injector 20181020
MAX malware (ai score=80) 20181020
McAfee GenericRXCD-ZZ!23446F09E990 20181020
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20181020
Microsoft TrojanSpy:Win32/Swotter.A!bit 20181020
eScan Gen:Trojan.Heur.FU.keX@aCnatvg 20181020
NANO-Antivirus Virus.Win32.Gen.ccmw 20181020
Palo Alto Networks (Known Signatures) generic.ml 20181020
Qihoo-360 HEUR/QVM20.1.9D57.Malware.Gen 20181020
Rising Stealer.Fareit!8.170 (TFE:2:TXFxpikg56) 20181020
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Troj/Formbook-A 20181020
SUPERAntiSpyware Trojan.Agent/Gen-Malagent 20181015
Symantec ML.Attribute.HighConfidence 20181020
Tencent Win32.Trojan.Crypt.Hooi 20181020
TrendMicro Trojan.Win32.FormBook.SM 20181020
TrendMicro-HouseCall Trojan.Win32.FormBook.SM 20181020
VBA32 BScope.TrojanPSW.Banker 20181019
Webroot W32.Trojan.Gen 20181020
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181020
AegisLab 20181020
Alibaba 20180921
ALYac 20181020
Antiy-AVL 20181019
Avast-Mobile 20181020
Babable 20180918
Baidu 20181019
ClamAV 20181020
CMC 20181020
eGambit 20181020
Jiangmin 20181020
Kingsoft 20181020
Panda 20181020
Symantec Mobile Insight 20181001
TACHYON 20181020
TheHacker 20181018
TotalDefense 20181018
ViRobot 20181020
Yandex 20181020
Zillya 20181019
Zoner 20181019
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-02-07 08:31:15
Entry Point 0x0001B5E0
Number of sections 1
PE sections
Overlays
MD5 bf619eac0cdf3f68d496ea9344137e8b
File type ASCII text
Offset 171008
Size 512
Entropy 0.00
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

SubsystemVersion
5.1

MachineType
Intel 386 or later, and compatibles

TimeStamp
2014:02:07 09:31:15+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
166912

LinkerVersion
10.0

FileTypeExtension
exe

InitializedDataSize
0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x1b5e0

OSVersion
5.1

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 23446f09e99037eb87e2b98567a43358
SHA1 e87206565d6eba9a6bab1ff67b5f0757eed8c15a
SHA256 4251f5e8137800a0bbd9667552e62a8d216ac76969873af6ace3d6c5ac76e3eb
ssdeep
3072:zNSfcYCxnHN/u5I21SOsYnVoTLC2AJ+IgoVkRbNns:kPCeq21rshTLC2b7oVa1

authentihash b544f2bec4b2da7e8b735713f8d1221e05c5c7338c0dc241ef33ab5b0e48c893
File size 167.5 KB ( 171520 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID DOS Executable Generic (100.0%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-10-20 14:36:17 UTC ( 7 months, 1 week ago )
Last submission 2018-11-07 04:12:03 UTC ( 6 months, 3 weeks ago )
File names output.114371417.txt
coco.exe
23446f09e99037eb87e2b98567a43358
coco.exe
coco.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs