SHA256: 486c91c9abc472ac9adb9fd70fa7368fbbef4c2f1bbe62686125a911397651e6
File name: juan.exe
Detection ratio: 40 / 55
Analysis date: 2015-10-26 19:04:20 UTC ( 8 months, 1 week ago )
Antivirus Result Update
ALYac Gen:Variant.Zusy.80122 20151027
AVG Dropper.Generic9.BZG 20151026
AVware Win32.Malware!Drop 20151026
Ad-Aware Gen:Variant.Zusy.80122 20151027
Yandex Trojan.DR.Sysn! 20151026
AhnLab-V3 Trojan/Win32.Sysn 20151026
Antiy-AVL Trojan[Dropper]/Win32.Sysn 20151027
Arcabit Trojan.Zusy.D138FA 20151027
Avast Win32:Agent-AXEJ [Trj] 20151027
Baidu-International Trojan.Win32.Dropper.aahe 20151026
BitDefender Gen:Variant.Zusy.80122 20151027
CAT-QuickHeal TrojanDropper.Sysn.r4 20151026
Comodo TrojWare.Win32.TrojanDropper.Sysn.~AAHE 20151027
Cyren W32/Trojan.POPR-6174 20151027
DrWeb Tool.BtcMine.130 20151027
ESET-NOD32 MSIL/CoinMiner.FN 20151026
Emsisoft Gen:Variant.Zusy.80122 (B) 20151027
F-Secure Gen:Variant.Zusy.80122 20151027
Fortinet W32/Sysn.AAHE!tr 20151026
GData Gen:Variant.Zusy.80122 20151027
Ikarus Trojan-Dropper.Win32.Sysn 20151027
K7AntiVirus Riskware ( 0040eff71 ) 20151026
K7GW Riskware ( 0040eff71 ) 20151026
Kaspersky Trojan-Dropper.Win32.Sysn.aahe 20151027
Malwarebytes Trojan.Agent.MNR 20151026
McAfee RDN/Generic Dropper!xc 20151027
McAfee-GW-Edition BehavesLike.Win32.Backdoor.jc 20151027
eScan Gen:Variant.Zusy.80122 20151027
Microsoft Trojan:Win32/Sisron!gmb 20151027
NANO-Antivirus Riskware.Win32.BtcMine.croexq 20151026
Panda Trj/CI.A 20151026
Qihoo-360 Win32/Trojan.6d0 20151027
Sophos Mal/Generic-S 20151027
Symantec Trojan.Gen 20151026
Tencent Win32.Trojan-dropper.Sysn.Dxcq 20151027
TotalDefense Win32/Tnega.YaEEJID 20151026
VBA32 TrojanDropper.Sysn 20151026
VIPRE Win32.Malware!Drop 20151027
ViRobot Trojan.Win32.Agent.615424.A[h] 20151026
nProtect Trojan-Dropper/W32.Sysn.615424 20151026
AegisLab 20151026
Alibaba 20151026
Bkav 20151026
ByteHero 20151027
CMC 20151026
ClamAV 20151027
F-Prot 20151027
Jiangmin 20151026
Rising 20151026
SUPERAntiSpyware 20151027
TheHacker 20151026
TrendMicro 20151027
TrendMicro-HouseCall 20151027
Zillya 20151026
Zoner 20151026
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name juan.exe
Internal name juan.exe
File version 0.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-11-28 05:16:43
Entry Point 0x0008A42E
Number of sections 4
.NET details
Module Version ID cbfb4e2b-106d-bc78-0a13-a26c8473a90c
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 8.0
ImageVersion 0.0
FileVersionNumber 0.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 55808
EntryPoint 0x8a42e
OriginalFileName juan.exe
MIMEType application/octet-stream
FileVersion 0.0.0.0
TimeStamp 2013:11:28 06:16:43+01:00
FileType Win32 EXE
PEType PE32
InternalName juan.exe
ProductVersion 0.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 558592
FileSubtype 0
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 0.0.0.0

File identification
MD5 804818386fdde1b2cec4098bad418bb3
SHA1 5dad8cd46be8470b718abcb31b2b7d8b2b945a87
SHA256 486c91c9abc472ac9adb9fd70fa7368fbbef4c2f1bbe62686125a911397651e6
ssdeep 12288:13m9zV6LfPX5BGJupMwZmu3EyH1o3smtN+ctSVaH:1KiZBGJ2Pr3EyHWcm+H8H

authentihash 18058325d57018048dd9ccb29d70c0a92a278c701ad8a1be93cdc8dbb3d6695f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 601.0 KB ( 615424 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe assembly

VirusTotal metadata
First submission 2013-11-29 00:22:49 UTC ( 2 years, 7 months ago )
Last submission 2013-12-12 14:19:36 UTC ( 2 years, 6 months ago )
File names flashplayerv10.1.57.108.exe
5dad8cd46be8470b718abcb31b2b7d8b2b945a87
control.exe
17851049
17851051
file-6316123_exe
FlashPlayerV10.1.57.108.exe
juan.exe
output.17851051.txt
FlashPlayerV10.1.57.108.vxe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
Zemana
dll-injection
