× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 53a09f943ba2d55e236bf2aba7279147c69a1d1f18ecda2de7f68ecbd33661f7
File name: gfproahlalhadeeth.zip
Detection ratio: 1 / 59
Analysis date: 2017-03-22 03:35:09 UTC ( 1 year, 6 months ago )
Antivirus Result Update
DrWeb Trojan.Siggen6.26776 20170322
Ad-Aware 20170322
AegisLab 20170321
AhnLab-V3 20170322
Alibaba 20170321
ALYac 20170322
Antiy-AVL 20170322
Arcabit 20170322
Avast 20170322
AVG 20170322
Avira (no cloud) 20170321
AVware 20170322
Baidu 20170321
BitDefender 20170322
Bkav 20170321
CAT-QuickHeal 20170321
ClamAV 20170322
CMC 20170317
Comodo 20170322
CrowdStrike Falcon (ML) 20170130
Cyren 20170322
Emsisoft 20170322
Endgame 20170317
ESET-NOD32 20170322
F-Prot 20170322
F-Secure 20170322
Fortinet 20170322
GData 20170322
Ikarus 20170321
Sophos ML 20170203
Jiangmin 20170322
K7AntiVirus 20170321
K7GW 20170320
Kaspersky 20170322
Kingsoft 20170322
Malwarebytes 20170322
McAfee 20170322
McAfee-GW-Edition 20170322
Microsoft 20170322
eScan 20170322
NANO-Antivirus 20170322
nProtect 20170322
Palo Alto Networks (Known Signatures) 20170322
Panda 20170321
Qihoo-360 20170322
Rising 20170322
SentinelOne (Static ML) 20170315
Sophos AV 20170322
SUPERAntiSpyware 20170322
Symantec 20170321
Symantec Mobile Insight 20170322
Tencent 20170322
TheHacker 20170321
TotalDefense 20170321
TrendMicro 20170322
TrendMicro-HouseCall 20170322
Trustlook 20170322
VBA32 20170321
VIPRE 20170322
ViRobot 20170321
Webroot 20170322
WhiteArmor 20170315
Yandex 20170321
Zillya 20170321
ZoneAlarm by Check Point 20170322
Zoner 20170322
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
2
Uncompressed size
2760319
Highest datetime
2010-04-04 23:25:18
Lowest datetime
2008-04-21 01:11:02
Contained files by extension
txt
1
exe
1
Contained files by type
unknown
1
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xc832579e

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
2760269

ZipCompressedSize
2749549

FileTypeExtension
zip

ZipFileName
GFPro.exe

ZipBitFlag
0x0002

ZipModifyDate
2008:04:21 01:11:01

File identification
MD5 99534384972b3ba444a4bf3b91d8637d
SHA1 75cddae9926144674b373caebdf79d913febff55
SHA256 53a09f943ba2d55e236bf2aba7279147c69a1d1f18ecda2de7f68ecbd33661f7
ssdeep
49152:sP69+Jt97dlYQ/CcAE7ScGpSnv+NvC9OmPEH9mMchF7Bd9JeGjneeep8+i0X:v9GX7YQacAE7ScxovC9U+hF7Bd9NerF

File size 2.6 MB ( 2749937 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip upx

VirusTotal metadata
First submission 2014-03-28 01:31:14 UTC ( 4 years, 5 months ago )
Last submission 2017-03-22 03:35:09 UTC ( 1 year, 6 months ago )
File names gfproahlalhadeeth.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!