× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5144431e4346fe03a13986e28da71d8ea03fc054b6293c4cb0ffac037cc1f1b2
File name: 1 (2).exe
Detection ratio: 43 / 62
Analysis date: 2017-12-06 17:49:40 UTC ( 1 month, 1 week ago )
Antivirus Result Update
AegisLab Troj.W32.Generic!c 20171206
AhnLab-V3 Malware/Win32.Generic.C1683942 20171206
Antiy-AVL Trojan/Win32.AGeneric 20171206
Arcabit Trojan.Zusy.D340E8 20171206
Avast Win32:Malware-gen 20171206
AVG Win32:Malware-gen 20171206
Avira (no cloud) TR/Agent.yeeey 20171206
AVware Trojan.Win32.Generic!BT 20171206
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9874 20171206
BitDefender Gen:Variant.Zusy.213224 20171206
CAT-QuickHeal TrojanSpy.Banker 20171206
Comodo TrojWare.Win32.Banker.~ADLB 20171206
Cylance Unsafe 20171206
Cyren W32/Trojan.HEXO-1588 20171206
Emsisoft Gen:Variant.Zusy.213224 (B) 20171206
ESET-NOD32 a variant of Win32/Spy.Banker.ADLB 20171206
F-Secure Gen:Variant.Zusy.213224 20171206
Fortinet W32/Generic.AC.3828420 20171206
GData Gen:Variant.Zusy.213224 20171206
Ikarus Trojan-Spy.Agent 20171206
Sophos ML heuristic 20170914
Jiangmin Trojan.Generic.angqy 20171206
K7AntiVirus Spyware ( 004ff1551 ) 20171205
K7GW Spyware ( 004ff1551 ) 20171206
Kaspersky HEUR:Trojan.Win32.Generic 20171206
MAX malware (ai score=89) 20171206
McAfee GenericRXAQ-WG!1A92EEDAFC10 20171206
McAfee-GW-Edition GenericRXAQ-WG!1A92EEDAFC10 20171206
Microsoft TrojanSpy:Win32/Banker 20171206
eScan Gen:Variant.Zusy.213224 20171206
NANO-Antivirus Trojan.Win32.Agent.eiyuyn 20171206
Panda Trj/GdSda.A 20171206
Sophos AV Mal/Generic-S 20171206
Symantec Trojan.Gen.NPE 20171206
Tencent Win32.Trojan.Agent.Hsrz 20171206
TrendMicro TSPY_BA.14E53DF4 20171206
TrendMicro-HouseCall TSPY_BA.14E53DF4 20171206
VIPRE Trojan.Win32.Generic!BT 20171206
ViRobot Trojan.Win32.Z.Agent.3906048 20171206
Webroot W32.Trojan.Gen 20171206
Yandex Trojan.Agent!oZZ6b4JX/Fc 20171205
Zillya Trojan.Banker.Win32.103642 20171206
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20171206
Ad-Aware 20171206
Alibaba 20171206
ALYac 20171206
Avast-Mobile 20171206
Bkav 20171206
ClamAV 20171206
CMC 20171206
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
DrWeb 20171206
eGambit 20171206
Endgame 20171130
F-Prot 20171206
Kingsoft 20171206
Malwarebytes 20171206
nProtect 20171206
Palo Alto Networks (Known Signatures) 20171206
Qihoo-360 20171206
Rising 20171206
SentinelOne (Static ML) 20171113
SUPERAntiSpyware 20171206
Symantec Mobile Insight 20171206
TheHacker 20171205
Trustlook 20171206
VBA32 20171206
WhiteArmor 20171204
Zoner 20171206
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
3906048
Highest datetime
2016-11-24 20:31:34
Lowest datetime
2016-11-24 20:31:34
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x3ce4a29c

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
3906048

ZipCompressedSize
1936675

FileTypeExtension
zip

ZipFileName
gfs2

ZipBitFlag
0

ZipModifyDate
2016:11:24 20:31:17

Compressed bundles
File identification
MD5 92935ec0ee4a7bb127cd2fe83296e93f
SHA1 818ef4fdcd5825993dcf05593ee7b4f88461f53a
SHA256 5144431e4346fe03a13986e28da71d8ea03fc054b6293c4cb0ffac037cc1f1b2
ssdeep
49152:pZBaIyeDX+sA6CaNo38eGQelKoT3K6t5yAT1ga6FkgCA8k8eWnKrU:9jjA674tXelKoTaA/T1gaKkS8k8J

File size 1.8 MB ( 1936781 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2016-11-26 11:41:25 UTC ( 1 year, 1 month ago )
Last submission 2017-12-06 17:49:40 UTC ( 1 month, 1 week ago )
File names 1 (2).exe
92935ec0ee4a7bb127cd2fe83296e93f.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!