× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 54176c37644f3264bcbee79677633e47e1b5d0b9eb9fdb7b08d3ba0fe6125000
File name: 5920147
Detection ratio: 37 / 66
Analysis date: 2018-03-27 10:51:45 UTC ( 11 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.84009 20180327
AegisLab Troj.W32.Generic!c 20180327
ALYac Gen:Variant.Symmi.84009 20180327
Arcabit Trojan.Symmi.D14829 20180327
Avast Win32:Malware-gen 20180326
AVG Win32:Malware-gen 20180326
AVware Backdoor.Win32.Ircbot.gen (v) 20180327
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9988 20180327
BitDefender Gen:Variant.Symmi.84009 20180327
Bkav W32.HfsAutoB.9FC5 20180327
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170201
Cylance Unsafe 20180327
Cyren W32/Trojan.AMIP-1539 20180327
DrWeb Trojan.DownLoader26.31373 20180327
Emsisoft Gen:Variant.Symmi.84009 (B) 20180327
Endgame malicious (high confidence) 20180316
ESET-NOD32 a variant of Win32/Packed.Themida suspicious 20180327
F-Secure Gen:Variant.Symmi.84009 20180327
Fortinet W32/Generic!tr 20180327
GData Gen:Variant.Symmi.84009 20180327
Ikarus PUA.Generic 20180327
Sophos ML heuristic 20180121
K7AntiVirus Trojan ( 0040f4ef1 ) 20180327
K7GW Trojan ( 0040f4ef1 ) 20180327
Kaspersky HEUR:Trojan.Win32.Generic 20180327
MAX malware (ai score=97) 20180327
McAfee Artemis!955B09639745 20180327
McAfee-GW-Edition BehavesLike.Win32.Generic.tc 20180327
eScan Gen:Variant.Symmi.84009 20180327
Palo Alto Networks (Known Signatures) generic.ml 20180327
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180327
Symantec Trojan.Gen.2 20180327
Tencent Win32.Trojan.Generic.Hsil 20180327
TrendMicro-HouseCall TROJ_GEN.R002H07CQ18 20180327
VIPRE Backdoor.Win32.Ircbot.gen (v) 20180327
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180327
AhnLab-V3 20180327
Alibaba 20180327
Antiy-AVL 20180327
Avast-Mobile 20180325
Avira (no cloud) 20180327
CAT-QuickHeal 20180327
ClamAV 20180327
CMC 20180326
Comodo 20180327
Cybereason None
eGambit 20180327
F-Prot 20180327
Jiangmin 20180327
Kingsoft 20180327
Malwarebytes 20180327
Microsoft 20180327
NANO-Antivirus 20180327
nProtect 20180327
Panda 20180325
Qihoo-360 20180327
Rising 20180327
SUPERAntiSpyware 20180327
Symantec Mobile Insight 20180311
TheHacker 20180326
TrendMicro 20180327
Trustlook 20180327
VBA32 20180326
ViRobot 20180327
WhiteArmor 20180324
Yandex 20180324
Zillya 20180326
Zoner 20180326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00402000
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_STRING 7
RT_RCDATA 3
Number of PE resources by language
NEUTRAL 10
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
99840

LinkerVersion
2.25

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, No debug, Removable run from swap, Net run from swap, Bytes reversed hi

EntryPoint
0x402000

InitializedDataSize
20992

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 955b096397452adb80f759584d0fec95
SHA1 b1ff65cc0012a73ab40c06abc7752fbd366d85bf
SHA256 54176c37644f3264bcbee79677633e47e1b5d0b9eb9fdb7b08d3ba0fe6125000
ssdeep
24576:mq4WsDSqvLzsE/A5psEzinnu339AC3qVlRSv4dvFeCHeuHkRs9Ys:mvvkE/A5fun5C3g7SAx/euHH9Ys

authentihash 222df7a338aee8c9f97d3226ede56ee5f92fba773beec403caa5e730c764ec8a
imphash 2eabe9054cad5152567f0699947a2c5b
File size 1.5 MB ( 1578496 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-03-26 22:52:13 UTC ( 11 months ago )
Last submission 2018-03-26 22:52:13 UTC ( 11 months ago )
File names MrVagner2.exe
5920147
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs