SHA256: 5489173e32ddb1b01ef627638177f7ffe3396a95874690d0803208582276d81b
File name: cafe.zip
Detection ratio: 11 / 55
Analysis date: 2015-10-31 03:39:18 UTC ( 3 years, 1 month ago )
Antivirus Result Update
Antiy-AVL RiskWare[PSWTool:not-a-virus]/Win32.NetPass 20151031
ClamAV Win.Trojan.Agent-952053 20151030
DrWeb Trojan.Siggen6.30224 20151031
Jiangmin Trojan/Vilsel.dww 20151030
K7AntiVirus Riskware ( 0040eff71 ) 20151030
K7GW Riskware ( 0040eff71 ) 20151030
McAfee Artemis!639FB47021BE 20151031
McAfee-GW-Edition Artemis!639FB47021BE 20151030
NANO-Antivirus Trojan.Win32.Dorifel.dshvzu 20151031
VBA32 Trojan.Nimnul 20151030
Zillya Adware.BetterSurf.Win32.10244 20151030
Ad-Aware 20151031
AegisLab 20151030
Yandex 20151030
AhnLab-V3 20151030
Alibaba 20151030
ALYac 20151031
Arcabit 20151031
Avast 20151031
AVG 20151031
Avira (no cloud) 20151031
AVware 20151030
Baidu-International 20151030
BitDefender 20151031
Bkav 20151029
ByteHero 20151031
CAT-QuickHeal 20151031
CMC 20151029
Comodo 20151030
Cyren 20151031
Emsisoft 20151031
ESET-NOD32 20151031
F-Prot 20151031
F-Secure 20151031
Fortinet 20151031
GData 20151031
Ikarus 20151030
Kaspersky 20151031
Malwarebytes 20151030
Microsoft 20151031
eScan 20151031
nProtect 20151030
Panda 20151030
Qihoo-360 20151031
Rising 20151030
Sophos AV 20151031
SUPERAntiSpyware 20151030
Symantec 20151030
TheHacker 20151030
TotalDefense 20151030
TrendMicro 20151031
TrendMicro-HouseCall 20151031
VIPRE 20151031
ViRobot 20151031
Zoner 20151031
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 16
Uncompressed size: 10925729
Highest datetime: 2015-04-15 13:05:18
Lowest datetime: 2003-11-20 03:01:00
Contained files by extension
txt: 6
exe: 4
bat: 2
rtf: 2
ini: 1
pdf: 1
Contained files by type
unknown: 9
Portable Executable: 4
RTF: 2
PDF: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0xfad2aeb2
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 2842408
ZipCompressedSize: 2750275
FileTypeExtension: zip
ZipFileName: cafesetup.exe
ZipBitFlag: 0x0002
ZipModifyDate: 2015:04:15 13:05:18

File identification
MD5 00189ecbe16bf9ee94ffa3231e636ec6
SHA1 c6c205f3891691e1a7e992ed3e6d268163ef79dc
SHA256 5489173e32ddb1b01ef627638177f7ffe3396a95874690d0803208582276d81b
ssdeep 98304:2hNZCB82hBNyocfOdY1prN+CC5YTC6IeNQA58T:rKOBNyocWd8prNMYTC4NX6

File size 3.5 MB ( 3669884 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2015-06-13 08:07:29 UTC ( 3 years, 6 months ago )
Last submission 2017-11-08 22:29:51 UTC ( 1 year, 1 month ago )
File names cafe.zip
1434928502-cafe.zip
684280
1435450503-cafe.zip
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0613.

Symantec reputation Suspicious.Insight