SHA256: 5e719b871b17c70bdf7fd99c570044cc48b689afedc28ac4f12beabe84e53038
File name: Audio de Windows.exe
Detection ratio: 17 / 71
Analysis date: 2019-04-14 22:22:33 UTC ( 1 month ago )
Antivirus Result Update
Acronis suspicious 20190413
Avira (no cloud) TR/Dropper.Gen 20190414
CrowdStrike Falcon (ML) win/malicious_confidence_90% (D) 20190212
Cybereason malicious.4108ee 20190403
Cylance Unsafe 20190414
eGambit Unsafe.AI_Score_86% 20190414
Endgame malicious (high confidence) 20190403
ESET-NOD32 a variant of MSIL/Injector.BML 20190414
F-Secure Trojan.TR/Dropper.Gen 20190414
FireEye Generic.mg.44579ee908bc5b4e 20190414
Ikarus Trojan.MSIL.Injector 20190414
Sophos ML heuristic 20190313
McAfee-GW-Edition BehavesLike.Win32.Generic.fc 20190414
Qihoo-360 HEUR/QVM03.0.871F.Malware.Gen 20190414
SentinelOne (Static ML) DFI - Suspicious PE 20190407
Symantec ML.Attribute.HighConfidence 20190414
Trapmine malicious.high.ml.score 20190325
Ad-Aware 20190414
AegisLab 20190414
AhnLab-V3 20190414
Alibaba 20190402
ALYac 20190414
Antiy-AVL 20190414
Arcabit 20190414
Avast 20190414
Avast-Mobile 20190414
AVG 20190414
Babable 20180918
Baidu 20190318
BitDefender 20190414
Bkav 20190412
CAT-QuickHeal 20190414
ClamAV 20190414
CMC 20190321
Comodo 20190414
Cyren 20190414
DrWeb 20190414
Emsisoft 20190414
F-Prot 20190414
Fortinet 20190414
GData 20190414
Jiangmin 20190414
K7AntiVirus 20190414
K7GW 20190414
Kaspersky 20190414
Kingsoft 20190414
Malwarebytes 20190414
MAX 20190414
McAfee 20190414
Microsoft 20190414
eScan 20190414
NANO-Antivirus 20190414
Palo Alto Networks (Known Signatures) 20190414
Panda 20190414
Rising 20190414
Sophos AV 20190414
SUPERAntiSpyware 20190410
Symantec Mobile Insight 20190410
TACHYON 20190414
Tencent 20190414
TheHacker 20190411
TotalDefense 20190413
TrendMicro 20190415
TrendMicro-HouseCall 20190415
Trustlook 20190414
VBA32 20190412
VIPRE 20190413
ViRobot 20190414
Webroot 20190414
Yandex 20190412
ZoneAlarm by Check Point 20190414
Zoner 20190414
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name ruyjkepi.exe
Internal name ruyjkepi.exe
File version 0.0.0.0
Description
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-04-14 22:11:46
Entry Point 0x0006600A
Number of sections 5
.NET details
Module Version ID 97b648f8-f6f1-4f74-af2b-eabe815c4612
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 265216
ImageVersion 0.0
FileVersionNumber 0.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension exe
OriginalFileName ruyjkepi.exe
MIMEType application/octet-stream
FileVersion 0.0.0.0
TimeStamp 2019:04:15 00:11:46+02:00
FileType Win32 EXE
PEType PE32
InternalName ruyjkepi.exe
ProductVersion 0.0.0.0
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 123392
FileSubtype 0
ProductVersionNumber 0.0.0.0
EntryPoint 0x6600a
ObjectFileType Executable application
AssemblyVersion 0.0.0.0

Execution parents
File identification
MD5 44579ee908bc5b4e6dafb75b921ff0e3
SHA1 0b9b5ab4108ee725487974995c332dabe0d780bf
SHA256 5e719b871b17c70bdf7fd99c570044cc48b689afedc28ac4f12beabe84e53038
ssdeep 6144:xD7RmtvgvCy7jV6IE1xm3S4he7Kv8f3fBy3dD8CDuK0IaQK:xD7YxuCyP/3S4VEfPBy2CDuK0IaQK

authentihash 10492b032f8c05663f2ddf85f72592207f6ea615399bc8d10ec2a1cfd17b6435
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 380.5 KB ( 389632 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe assembly

VirusTotal metadata
First submission 2019-04-14 22:22:33 UTC ( 1 month ago )
Last submission 2019-04-14 22:22:33 UTC ( 1 month ago )
File names Audio%20de%20Windows.exe
ruyjkepi.exe
AudioWindows.exe
18.exe
Audio de Windows.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
DNS requests