× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5ba1b4b5d4b1535f4da7fa6008d744522d77ed842ee46092344a450c81db51c2
File name: wbin.exe
Detection ratio: 27 / 68
Analysis date: 2018-11-05 06:02:13 UTC ( 6 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.419622 20181105
ALYac Gen:Variant.Razy.419622 20181105
Arcabit Trojan.Razy.D66726 20181105
Avast FileRepMalware 20181105
AVG FileRepMalware 20181105
Avira (no cloud) HEUR/AGEN.1035258 20181104
BitDefender Gen:Variant.Razy.419622 20181105
CrowdStrike Falcon (ML) malicious_confidence_60% (W) 20181022
Cylance Unsafe 20181105
Cyren W32/Kryptik.DR.gen!Eldorado 20181105
Emsisoft Gen:Variant.Razy.419622 (B) 20181105
ESET-NOD32 a variant of MSIL/Kryptik.QAJ 20181105
F-Prot W32/Kryptik.DR.gen!Eldorado 20181105
F-Secure Gen:Variant.Razy.419622 20181105
GData Gen:Variant.Razy.419622 20181105
Kaspersky UDS:DangerousObject.Multi.Generic 20181105
Malwarebytes Trojan.PasswordStealer.MSIL 20181105
McAfee Artemis!BA07F4A2431F 20181105
McAfee-GW-Edition BehavesLike.Win32.Generic.jc 20181105
Microsoft Trojan:Win32/Dynamer!rfn 20181105
eScan Gen:Variant.Razy.419622 20181105
Palo Alto Networks (Known Signatures) generic.ml 20181105
Qihoo-360 Win32/Trojan.913 20181105
Rising Trojan.Kryptik!8.8 (CLOUD) 20181105
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181104
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181105
AegisLab 20181105
AhnLab-V3 20181104
Alibaba 20180921
Antiy-AVL 20181105
Avast-Mobile 20181104
Babable 20180918
Baidu 20181105
Bkav 20181102
CAT-QuickHeal 20181104
ClamAV 20181104
CMC 20181105
Cybereason 20180225
DrWeb 20181105
eGambit 20181105
Endgame 20180730
Fortinet 20181105
Ikarus 20181104
Sophos ML 20180717
Jiangmin 20181105
K7AntiVirus 20181105
K7GW 20181104
Kingsoft 20181105
MAX 20181105
NANO-Antivirus 20181105
Panda 20181104
Sophos AV 20181105
SUPERAntiSpyware 20181031
Symantec Mobile Insight 20181030
TACHYON 20181105
Tencent 20181105
TheHacker 20181104
TotalDefense 20181104
TrendMicro 20181105
TrendMicro-HouseCall 20181105
Trustlook 20181105
VBA32 20181102
VIPRE 20181104
ViRobot 20181104
Webroot 20181105
Yandex 20181102
Zillya 20181102
Zoner 20181105
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Family Dollar Stores Inc.

Product Danones yogurt Bio
Original name wbin.exe
Internal name wbin.exe
File version 7.8.17.4
Description Danones yogurt Bio
Comments uteyajekitakacujuhinuz
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1990-05-04 09:08:20
Entry Point 0x000A534E
Number of sections 3
.NET details
Module Version ID 48800206-2dfb-4265-aac7-a5743b42786a
TypeLib ID e28cd04c-ef3b-4b87-8d27-9aebc47dcc7a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
uteyajekitakacujuhinuz

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
7.8.17.4

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Danones yogurt Bio

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
2560

EntryPoint
0xa534e

OriginalFileName
wbin.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Family Dollar Stores Inc.

FileVersion
7.8.17.4

TimeStamp
1990:05:04 11:08:20+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
wbin.exe

ProductVersion
7.8.17.4

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Family Dollar Stores Inc.

CodeSize
668672

ProductName
Danones yogurt Bio

ProductVersionNumber
7.8.17.4

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 ba07f4a2431fc1bd79c7661c477caee3
SHA1 9249dd8a66c1c7decca53953120c8f64b46f8d41
SHA256 5ba1b4b5d4b1535f4da7fa6008d744522d77ed842ee46092344a450c81db51c2
ssdeep
6144:hokjm7rT6mFnmBretV1iQR7Mvul9zrf74V9rtbySBXEh4st6qszk51Q6AkOhYRt:nm7rT6mYrqVs+Myz/4VCksoqst6Am

authentihash e074d3fcde8d05d137492dfe990c23e72521c77ae103d8011fcf60af2fe469dc
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 656.0 KB ( 671744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (70.8%)
Windows screen saver (12.6%)
Win32 Dynamic Link Library (generic) (6.3%)
Win32 Executable (generic) (4.3%)
OS/2 Executable (generic) (1.9%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-11-05 01:37:30 UTC ( 6 months, 2 weeks ago )
Last submission 2018-11-14 06:40:02 UTC ( 6 months, 1 week ago )
File names wbin.exe
ba07f4a2431fc1bd79c7661c477caee3
wbin.exe
output.114461304.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!