SHA256: 47600eb43512d1691ff4d1123a765ae5cdc3e2f90e1a940ff0e4a94ac1528bf3
File name: zbetcheckin_tracker_1OneDrive.exe
Detection ratio: 15 / 68
Analysis date: 2018-08-12 21:05:53 UTC ( 7 months, 1 week ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Gen.C706795 20180812
Avira (no cloud) TR/ATRAPS.Gen 20180812
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9990 20180810
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180812
ESET-NOD32 a variant of MSIL/Kryptik.PFC 20180812
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 005376ae1 ) 20180812
K7GW Trojan ( 005376ae1 ) 20180812
Malwarebytes Trojan.Crypt.Generic 20180812
McAfee-GW-Edition BehavesLike.Win32.Generic.th 20180812
Qihoo-360 HEUR/QVM03.0.2381.Malware.Gen 20180812
SentinelOne (Static ML) static engine - malicious 20180701
Symantec ML.Attribute.HighConfidence 20180812
Webroot Pua.Gen 20180812
Ad-Aware 20180812
AegisLab 20180812
Alibaba 20180713
ALYac 20180812
Antiy-AVL 20180812
Arcabit 20180812
Avast 20180812
Avast-Mobile 20180812
AVG 20180812
AVware 20180812
Babable 20180725
BitDefender 20180812
Bkav 20180810
CAT-QuickHeal 20180812
ClamAV 20180812
CMC 20180812
Comodo 20180812
Cybereason 20180225
Cyren 20180812
DrWeb 20180812
eGambit 20180812
Emsisoft 20180812
Endgame 20180730
F-Prot 20180812
F-Secure 20180812
Fortinet 20180812
GData 20180812
Ikarus 20180812
Jiangmin 20180812
Kaspersky 20180812
Kingsoft 20180812
MAX 20180812
McAfee 20180812
Microsoft 20180812
eScan 20180812
NANO-Antivirus 20180812
Palo Alto Networks (Known Signatures) 20180812
Panda 20180812
Rising 20180812
Sophos AV 20180812
SUPERAntiSpyware 20180812
Symantec Mobile Insight 20180812
TACHYON 20180812
Tencent 20180812
TheHacker 20180812
TotalDefense 20180812
TrendMicro 20180812
TrendMicro-HouseCall 20180812
Trustlook 20180812
VBA32 20180810
VIPRE 20180812
ViRobot 20180812
Yandex 20180810
Zillya 20180812
ZoneAlarm by Check Point 20180812
Zoner 20180811
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft OneDrive
Original name OneDrive.exe
Internal name OneDrive.exe
File version 18.111.0603.0006
Description Microsoft OneDrive
Comments ovodimoqizilakisanoyax
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1972-10-07 09:02:46
Entry Point 0x0012200A
Number of sections 5
.NET details
Module Version ID 43be7e4f-cafd-4146-9cb5-24370edd6af6
TypeLib ID a1b5f7bc-635b-439c-b974-5dab4c68f911
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments ovodimoqizilakisanoyax
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 18.111.603.6
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Microsoft OneDrive
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 85504
EntryPoint 0x12200a
OriginalFileName OneDrive.exe
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 18.111.0603.0006
TimeStamp 1972:10:07 11:02:46+02:00
FileType Win32 EXE
PEType PE32
InternalName OneDrive.exe
ProductVersion 18.111.0603.0006
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 1078272
ProductName Microsoft OneDrive
ProductVersionNumber 18.111.603.6
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 0.0.0.0
File identification
MD5 f94687ec145644cde939b9e49d59a8a7
SHA1 abaecf90c75246bba0b683868e757a097d0526c6
SHA256 47600eb43512d1691ff4d1123a765ae5cdc3e2f90e1a940ff0e4a94ac1528bf3
ssdeep 12288:wCQiIMiIjtgo4F1ubuWLxdDIWhHRhdImSGJDwhYneX6iBux0CD:wxS1guqatIMPGm1Dwhsel60
authentihash e801abcd055aacdbd3e4ec07cf52a5ed8883b66e087af000f59f3760a17a92b8
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.1 MB ( 1164800 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Win32 Executable MS Visual C++ (generic) (39.9%)
Win64 Executable (generic) (35.4%)
Win32 Dynamic Link Library (generic) (8.4%)
Win32 Executable (generic) (5.7%)
Win16/32 Executable Delphi generic (2.6%)
Tags peexe assembly

VirusTotal metadata
First submission 2018-08-12 21:05:53 UTC ( 7 months, 1 week ago )
Last submission 2018-08-12 21:05:53 UTC ( 7 months, 1 week ago )
File names OneDrive.exe
1OneDrive.exe
zbetcheckin_tracker_1OneDrive.exe