SHA256: 4a7d04335e4cbe7f78687071a4518ca2b0741cea452ef858def35a69d8a9c3ad
File name: NetflixGiftcard.exe
Detection ratio: 37 / 70
Analysis date: 2019-01-25 10:40:55 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Ad-Aware Generic.MSIL.PasswordStealerA.22EB52CE 20190125
AhnLab-V3 Win-Trojan/OrcusRAT.Exp 20190125
ALYac Generic.MSIL.PasswordStealerA.22EB52CE 20190125
Arcabit Generic.MSIL.PasswordStealerA.22EB52CE 20190125
Avast Win32:RATX-gen [Trj] 20190125
AVG Win32:RATX-gen [Trj] 20190125
Avira (no cloud) HEUR/AGEN.1013795 20190125
BitDefender Generic.MSIL.PasswordStealerA.22EB52CE 20190125
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cybereason malicious.7355ed 20190109
DrWeb Trojan.DownLoader25.14206 20190125
Emsisoft Generic.MSIL.PasswordStealerA.22EB52CE (B) 20190125
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of MSIL/Agent.AQI 20190125
F-Secure Generic.MSIL.PasswordStealerA.22EB52CE 20190125
Fortinet MSIL/Generic.AP.F529E!tr 20190125
GData MSIL.Backdoor.Orcus.A 20190125
Ikarus Trojan.MSIL.Agent 20190125
Sophos ML heuristic 20181128
Jiangmin Trojan.Generic.awmpo 20190125
K7AntiVirus Trojan ( 005011a81 ) 20190125
K7GW Trojan ( 005011a81 ) 20190125
Kaspersky HEUR:Trojan-Spy.MSIL.Generic 20190125
Malwarebytes Backdoor.Orcus 20190125
MAX malware (ai score=84) 20190125
McAfee BackDoor-FDJE!A0824E27355E 20190125
McAfee-GW-Edition BackDoor-FDJE!A0824E27355E 20190125
Microsoft Backdoor:MSIL/Orcus.A!bit 20190125
eScan Generic.MSIL.PasswordStealerA.22EB52CE 20190125
Rising Backdoor.Orcus!8.A4F3 (TFE:C:1pFjE6lpzCH) 20190125
SentinelOne (Static ML) static engine - malicious 20190124
Sophos AV Troj/Orcusrot-A 20190125
Trapmine malicious.high.ml.score 20190123
TrendMicro BKDR_ORCUSRAT.SM 20190125
TrendMicro-HouseCall BKDR_ORCUSRAT.SM 20190125
VBA32 Trojan.Downloader 20190125
ZoneAlarm by Check Point HEUR:Trojan-Spy.MSIL.Generic 20190125
Acronis 20190124
AegisLab 20190125
Alibaba 20180921
Antiy-AVL 20190125
Avast-Mobile 20190125
Babable 20180918
Baidu 20190125
Bkav 20190125
CAT-QuickHeal 20190125
ClamAV 20190125
CMC 20190125
Comodo 20190125
Cylance 20190125
Cyren 20190125
eGambit 20190125
F-Prot 20190125
Kingsoft 20190125
NANO-Antivirus 20190125
Palo Alto Networks (Known Signatures) 20190125
Panda 20190124
Qihoo-360 20190125
SUPERAntiSpyware 20190123
Symantec 20190125
TACHYON 20190125
Tencent 20190125
TheHacker 20190125
Trustlook 20190125
VIPRE 20190125
ViRobot 20190125
Webroot 20190125
Yandex 20190124
Zillya 20190124
Zoner 20190124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Microft Corporation
Product Microft Corporation
Original name Orcus.exe
Internal name Netflix GiftGen
File version 1.0.0.0
Description Netflix GiftGen
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-24 18:03:48
Entry Point 0x000E50AE
Number of sections 3
.NET details
Module Version ID ba32bf64-14ce-4e45-82bc-138e5739ed4a
TypeLib ID 3601a898-0fe1-4710-ac30-2e6c417f46bd
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
CodeSize 930304
SubsystemVersion 4.0
InitializedDataSize 111104
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Netflix GiftGen
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 8.0
EntryPoint 0xe50ae
OriginalFileName Orcus.exe
MIMEType application/octet-stream
LegalCopyright Microft Corporation
FileVersion 1.0.0.0
TimeStamp 2019:01:24 19:03:48+01:00
FileType Win32 EXE
PEType PE32
InternalName Netflix GiftGen
ProductVersion 1.1.22.1
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Crackers Info
LegalTrademarks Microft Corporation
ProductName Microft Corporation
ProductVersionNumber 1.1.22.1
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

File identification
MD5 a0824e27355edcbbbb85bfe7e2019891
SHA1 d52c6145d1c0b44d88b03e2e2119a77ad7b41bd0
SHA256 4a7d04335e4cbe7f78687071a4518ca2b0741cea452ef858def35a69d8a9c3ad
ssdeep 12288:2XBM21gsgPktzYX7dG1lFlWcYT70pxnnaaoawVmP+4GSrZNrI0AilFEvxHvBMUwV:ZuQ4MROxnFVprZlI0AilFEvxHinV
authentihash 308cf74d022df408986f52ae96f8ca775ace1a6fc0dde673f70669c864c6af02
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1017.5 KB ( 1041920 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (54.4%)
Win64 Executable (generic) (20.5%)
Microsoft Visual C++ compiled executable (generic) (12.2%)
Win32 Dynamic Link Library (generic) (4.8%)
Win32 Executable (generic) (3.3%)
Tags peexe assembly
VirusTotal metadata
First submission 2019-01-25 10:40:55 UTC ( 1 month, 4 weeks ago )
Last submission 2019-01-25 10:40:55 UTC ( 1 month, 4 weeks ago )
File names Netflix GiftGen
Orcus.exe
NetflixGiftcard.exe