× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4b41a068228ee4ab89699b0f2264c35f339fe6b1e96f435f0f900974dc4c1e0d
File name: INVO8978-78.exe
Detection ratio: 17 / 63
Analysis date: 2018-03-21 03:45:09 UTC ( 1 year, 1 month ago ) View latest
Antivirus Result Update
Avast FileRepMetagen [Malware] 20180321
AVG FileRepMetagen [Malware] 20180321
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180320
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cylance Unsafe 20180321
Cyren W32/Trojan.BED.gen!Eldorado 20180321
F-Prot W32/Trojan.BED.gen!Eldorado 20180321
Fortinet MSIL/Kryptik.NIA!tr 20180321
Ikarus Win32.Outbreak 20180320
Sophos ML heuristic 20180121
Kaspersky UDS:DangerousObject.Multi.Generic 20180321
McAfee-GW-Edition BehavesLike.Win32.Trojan.dc 20180321
Palo Alto Networks (Known Signatures) generic.ml 20180321
Qihoo-360 HEUR/QVM03.0.F6A3.Malware.Gen 20180321
SentinelOne (Static ML) static engine - malicious 20180225
Symantec ML.Attribute.HighConfidence 20180320
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180321
Ad-Aware 20180321
AegisLab 20180321
AhnLab-V3 20180320
Alibaba 20180321
ALYac 20180321
Antiy-AVL 20180320
Arcabit 20180321
Avast-Mobile 20180320
Avira (no cloud) 20180320
AVware 20180321
BitDefender 20180321
Bkav 20180320
CAT-QuickHeal 20180320
ClamAV 20180321
CMC 20180321
Comodo 20180321
Cybereason None
DrWeb 20180321
eGambit 20180321
Emsisoft 20180321
Endgame 20180316
ESET-NOD32 20180321
F-Secure 20180321
GData 20180321
Jiangmin 20180321
K7AntiVirus 20180320
K7GW 20180320
Kingsoft 20180321
Malwarebytes 20180321
MAX 20180321
McAfee 20180321
Microsoft 20180321
eScan 20180321
NANO-Antivirus 20180321
nProtect 20180321
Panda 20180320
Rising 20180321
Sophos AV 20180321
SUPERAntiSpyware 20180321
Symantec Mobile Insight 20180311
Tencent 20180321
TheHacker 20180319
Trustlook 20180321
VBA32 20180320
VIPRE 20180321
ViRobot 20180321
WhiteArmor 20180223
Yandex 20180320
Zillya 20180320
Zoner 20180321
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Grey Global Group Inc.

Product MSWC Browser Capabilities
Original name CRYPT.exe
Internal name CRYPT.exe
File version 5.7.20.3
Description MSWC Browser Capabilities
Comments u1dmwjl1w52
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-11 03:04:02
Entry Point 0x00042D5E
Number of sections 3
.NET details
Module Version ID f0d9163e-8099-410e-bd21-79f3e2249492
TypeLib ID 8b1ec7c8-08d4-4a5e-a47c-2959b05edfe2
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
u1dmwjl1w52

InitializedDataSize
2560

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.7.20.3

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
MSWC Browser Capabilities

CharacterSet
Unicode

LinkerVersion
8.0

EntryPoint
0x42d5e

OriginalFileName
CRYPT.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Grey Global Group Inc.

FileVersion
5.7.20.3

TimeStamp
2017:06:11 05:04:02+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
CRYPT.exe

ProductVersion
5.7.20.3

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Grey Global Group Inc.

CodeSize
265728

ProductName
MSWC Browser Capabilities

ProductVersionNumber
5.7.20.3

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 f07f28b1c61c658fff96ad6e943bbebe
SHA1 a77f773e161ed2c3a9112042509c36ac02e28cd1
SHA256 4b41a068228ee4ab89699b0f2264c35f339fe6b1e96f435f0f900974dc4c1e0d
ssdeep
6144:fPowJXHLhNsz1j9EundGQMK6GZTn0APjQApdh:fAwBqB9RnfKiLXQA/h

authentihash 9e946281ce5d77457275426464a87e476cae22bcade16ad8c0ac9aee2f23e190
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 262.5 KB ( 268800 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-03-21 03:45:09 UTC ( 1 year, 1 month ago )
Last submission 2018-05-11 00:23:22 UTC ( 11 months, 2 weeks ago )
File names INVO8978-78.exe
CRYPT.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!