× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4b13266b8e85fb5b0d2c204d3d170bf4a3766d50d4fb6d9a4e0bce2538259218
File name: NTLEA 0.92.zip
Detection ratio: 7 / 43
Analysis date: 2012-03-06 08:15:48 UTC ( 4 years, 10 months ago ) View latest
Antivirus Result Update
Commtouch W32/SecRisk-ProcessPatcher-Sml-based!Maximus 20120306
Emsisoft Trojan-Dropper!IK 20120305
F-Prot W32/SecRisk-ProcessPatcher-Sml-based!Maximus 20120305
Ikarus Trojan-Dropper 20120306
K7AntiVirus Trojan 20120305
Rising Trojan.Win32.Generic.128855E5 20120305
VIPRE RiskTool.Win32.ProcessPatcher.Sml!cobra (v) (not malicious) 20120306
AVG 20120305
AhnLab-V3 20120305
AntiVir 20120305
Antiy-AVL 20120305
Avast 20120305
BitDefender 20120306
ByteHero 20120305
CAT-QuickHeal 20120305
ClamAV 20120306
Comodo 20120306
DrWeb 20120306
F-Secure 20120306
Fortinet 20120305
GData 20120306
Jiangmin 20120301
Kaspersky 20120305
McAfee 20120305
McAfee-GW-Edition 20120304
Microsoft 20120306
NOD32 20120306
Norman 20120304
PCTools 20120228
Panda 20120305
Prevx 20120306
SUPERAntiSpyware 20120305
Sophos 20120306
Symantec 20120305
TheHacker 20120306
TrendMicro 20120305
TrendMicro-HouseCall 20120305
VBA32 20120305
ViRobot 20120306
VirusBuster 20120304
eSafe 20120305
eTrust-Vet 20120305
nProtect 20120306
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
15
Uncompressed size
583532
Highest datetime
2012-03-06 16:13:52
Lowest datetime
2011-05-08 01:37:44
Contained files by extension
dll
4
xml
3
exe
2
com
2
92/
1
ini
1
txt
1
Contained files by type
Portable Executable
8
unknown
5
directory
2
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
NTLEA 0.92/

ZipBitFlag
0

ZipModifyDate
2012:03:06 16:11:04

File identification
MD5 a8797ce54b7f839bc081693287d41d3f
SHA1 4abb5299ef0767816a38d6b691f1c74ab7f96cbf
SHA256 4b13266b8e85fb5b0d2c204d3d170bf4a3766d50d4fb6d9a4e0bce2538259218
ssdeep
6144:mc+2YYdyKnUwSmumKrmGBwNYrzng4DQuFcS5MCuyh9:EYdnrSmMiGBc6zng4DTWS5MC

File size 222.3 KB ( 227665 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID Mozilla Firefox browser extension (66.6%)
ZIP compressed archive (33.3%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2012-03-06 08:15:48 UTC ( 4 years, 10 months ago )
Last submission 2015-10-01 10:01:41 UTC ( 1 year, 3 months ago )
File names NTLEA 0.92.zip
ntlea_092.zip
a8797ce54b7f839bc081693287d41d3f_INF3C6C.tmp
ntlea 0.92.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!