SHA256: 5807f87b662fc7569143eb2a9e32691c40e61d106d5119af72c1c1dfa9a649ac
File name: 5F78BB28AF6B1E672151784DDA4C054B
Detection ratio: 52 / 65
Analysis date: 2017-09-18 16:45:52 UTC ( 5 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.3812671 20170918
AegisLab Troj.Downloader.W32.Banload.asha!c 20170918
ALYac Trojan.Generic.3812671 20170918
Arcabit Trojan.Generic.D3A2D3F 20170918
Avast Win32:Tiny-AEZ [Trj] 20170918
AVG Win32:Tiny-AEZ [Trj] 20170918
Avira (no cloud) TR/Crypt.XPACK.Gen5 20170918
AVware Trojan-Downloader.Win32.Lukicsel.A (v) 20170918
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170918
BitDefender Trojan.Generic.3812671 20170918
ClamAV Win.Downloader.Banload-2092 20170918
Comodo TrojWare.Win32.TrojanDownloader.Banload.~TAQ 20170918
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170804
Cylance Unsafe 20170918
Cyren W32/Risk.QJIA-1925 20170918
DrWeb Trojan.DownLoad1.44939 20170918
Emsisoft Trojan.Generic.3812671 (B) 20170918
Endgame malicious (high confidence) 20170821
ESET-NOD32 Win32/TrojanDownloader.Agent.PTY 20170918
F-Prot W32/MalwareS.ETX 20170918
F-Secure Trojan.Generic.3812671 20170918
Fortinet W32/Banload.ASHA!tr.dldr 20170918
GData Trojan.Generic.3812671 20170918
Ikarus Trojan-Downloader.Banload 20170918
Sophos ML heuristic 20170914
Jiangmin TrojanDownloader.Banload.ahzx 20170918
K7AntiVirus Backdoor ( 04c5310b1 ) 20170918
K7GW Backdoor ( 04c5310b1 ) 20170918
Kaspersky HEUR:Trojan.Win32.Generic 20170918
MAX malware (ai score=88) 20170918
McAfee Downloader-CJZ 20170918
McAfee-GW-Edition BehavesLike.Win32.DNSChanger.xh 20170918
Microsoft TrojanDownloader:Win32/Lukicsel.A 20170918
eScan Trojan.Generic.3812671 20170918
NANO-Antivirus Trojan.Win32.Banload.bcrpm 20170918
Panda Trj/CI.A 20170918
Qihoo-360 Win32/Trojan.Downloader.414 20170918
Rising Trojan.Generic (cloud:RKHgsrLjTYH) 20170918
SentinelOne (Static ML) static engine - malicious 20170806
Sophos AV Mal/FakeAV-FC 20170918
Symantec Infostealer 20170918
Tencent Win32.Trojan-downloader.Banload.Szca 20170918
TheHacker W32/.Banload.asha 20170916
TrendMicro TROJ_BANLOAD.MXS 20170918
TrendMicro-HouseCall TROJ_BANLOAD.MXS 20170918
VBA32 suspected of Trojan.Downloader.gen.h 20170918
VIPRE Trojan-Downloader.Win32.Lukicsel.A (v) 20170918
ViRobot Trojan.Win32.Downloader.4608.FE 20170918
Webroot W32.Trojan.Downloader-Banload 20170918
Yandex Trojan.DL.Banload!vLwLntLegb8 20170908
Zillya Downloader.Banload.Win32.14485 20170916
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20170918
AhnLab-V3 20170918
Alibaba 20170911
Antiy-AVL 20170918
Avast-Mobile 20170829
CAT-QuickHeal 20170918
CMC 20170918
Kingsoft 20170918
Malwarebytes 20170918
nProtect 20170918
Palo Alto Networks (Known Signatures) 20170918
SUPERAntiSpyware 20170918
Symantec Mobile Insight 20170917
TotalDefense 20170918
Trustlook 20170918
WhiteArmor 20170829
Zoner 20170918
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-03-06 21:01:45
Entry Point 0x00001021
Number of sections 2
PE sections
PE imports
OpenMutexA
GetLastError
CreateThread
GetModuleHandleA
QueryPerformanceCounter
ExitProcess
Sleep
GetProcAddress
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2010:03:06 22:01:45+01:00
FileType Win32 EXE
PEType PE32
CodeSize 3584
LinkerVersion 5.12
EntryPoint 0x1021
InitializedDataSize 512
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0
Execution parents
File identification
MD5 5f78bb28af6b1e672151784dda4c054b
SHA1 f0834412d5f37d7d9bc91a0946db185ffcd8033d
SHA256 5807f87b662fc7569143eb2a9e32691c40e61d106d5119af72c1c1dfa9a649ac
ssdeep 96:R18JJaM7vM39lBk1+9u6oc1oF9jDdek/z8NjquQ:R18IV9Ac6Jv89/Q
authentihash 0b14426b180068a987609536ad280841d6ccb209f2595e85c5817210784f75ce
imphash 9945c761a80bf1289f0d9d7bed9c09f0
File size 4.5 KB ( 4608 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (76.4%)
Win32 Executable (generic) (12.4%)
Generic Win/DOS Executable (5.5%)
DOS Executable Generic (5.5%)
Tags peexe
VirusTotal metadata
First submission 2010-03-08 19:21:00 UTC ( 7 years, 11 months ago )
Last submission 2011-08-05 20:40:41 UTC ( 6 years, 6 months ago )
File names 5F78BB28AF6B1E672151784DDA4C054B
Nnma.exe