× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5d2eb6ac3c8f4f60b9a63d878a2fbaf6abc0d739369b3745961f0cf507abfac2
File name: output.112990169.txt
Detection ratio: 12 / 66
Analysis date: 2018-04-03 01:14:00 UTC ( 10 months, 2 weeks ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9882 20180402
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cybereason malicious.3b147c 20180225
Cylance Unsafe 20180403
Endgame malicious (high confidence) 20180403
ESET-NOD32 a variant of MSIL/Kryptik.LPP 20180402
Sophos ML heuristic 20180121
McAfee-GW-Edition BehavesLike.Win32.Trojan.jc 20180403
Palo Alto Networks (Known Signatures) generic.ml 20180403
Qihoo-360 HEUR/QVM03.0.3EE3.Malware.Gen 20180403
SentinelOne (Static ML) static engine - malicious 20180225
Symantec ML.Attribute.HighConfidence 20180402
Ad-Aware 20180403
AegisLab 20180403
AhnLab-V3 20180402
Alibaba 20180402
ALYac 20180403
Antiy-AVL 20180403
Arcabit 20180403
Avast 20180403
Avast-Mobile 20180402
AVG 20180403
Avira (no cloud) 20180402
AVware 20180403
BitDefender 20180403
Bkav 20180402
CAT-QuickHeal 20180402
ClamAV 20180402
CMC 20180402
Comodo 20180403
Cyren 20180403
DrWeb 20180403
eGambit 20180403
Emsisoft 20180403
F-Prot 20180403
F-Secure 20180403
Fortinet 20180403
GData 20180403
Ikarus 20180402
Jiangmin 20180402
K7AntiVirus 20180402
K7GW 20180403
Kaspersky 20180402
Kingsoft 20180403
Malwarebytes 20180402
MAX 20180403
McAfee 20180402
Microsoft 20180402
eScan 20180403
NANO-Antivirus 20180402
nProtect 20180403
Panda 20180402
Rising 20180408
Sophos AV 20180403
SUPERAntiSpyware 20180402
Symantec Mobile Insight 20180401
Tencent 20180403
TheHacker 20180330
TotalDefense 20180402
TrendMicro 20180402
TrendMicro-HouseCall 20180402
Trustlook 20180403
VBA32 20180402
VIPRE 20180403
ViRobot 20180402
WhiteArmor 20180324
Yandex 20180331
ZoneAlarm by Check Point 20180403
Zoner 20180403
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Pinnacle West Capital Corp

Product Resolve issues faster with continuous, scalable, web-based Sybase database monitoring.
Original name 11111.exe
Internal name 11111.exe
File version 18.2.24.2
Description Resolve issues faster with continuous, scalable, web-based Sybase database monitoring.
Comments x0wolkcasqb
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-24 10:11:53
Entry Point 0x000AE8DE
Number of sections 3
.NET details
Module Version ID bc990036-fc25-4a16-839c-bc0cbcb8d3b3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
x0wolkcasqb

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
18.2.24.2

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Resolve issues faster with continuous, scalable, web-based Sybase database monitoring.

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
2560

EntryPoint
0xae8de

OriginalFileName
11111.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Pinnacle West Capital Corp

FileVersion
18.2.24.2

TimeStamp
2017:06:24 10:11:53+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
11111.exe

ProductVersion
18.2.24.2

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Pinnacle West Capital Corp

CodeSize
707072

ProductName
Resolve issues faster with continuous, scalable, web-based Sybase database monitoring.

ProductVersionNumber
18.2.24.2

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 32038c2d386d8e6d685cdb1fbbdd2a2c
SHA1 20ab00f3b147c7c929650013336bb60ab005214b
SHA256 5d2eb6ac3c8f4f60b9a63d878a2fbaf6abc0d739369b3745961f0cf507abfac2
ssdeep
12288:EJry+z8etWCvDTwwb8oR1RpT2Oe/nRTjud6sOIcRC02eQLaDeIdF:EJdxT1RVBe/nljudhOFC77LaD

authentihash c5aef274e8f341aba047354e9efa6591e5036f0270878c9d2d5178ae362f8188
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 693.5 KB ( 710144 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-04-03 01:14:00 UTC ( 10 months, 2 weeks ago )
Last submission 2018-04-03 01:14:00 UTC ( 10 months, 2 weeks ago )
File names 11111.exe
adobe.123
output.112990169.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!