× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 61abc3582bca30517d8ed16dc9daf721e76461bbee1de1a17192159b156e503e
File name: 61abc3582bca30517d8ed16dc9daf721e76461bbee1de1a17192159b156e503e
Detection ratio: 13 / 69
Analysis date: 2018-10-01 13:43:53 UTC ( 5 months, 2 weeks ago ) View latest
Antivirus Result Update
Bkav W32.HfsAutoB. 20181001
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.e1d5a4 20180225
Cylance Unsafe 20181001
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Packed.Themida.BNA 20181001
Sophos ML heuristic 20180717
Kaspersky HEUR:Trojan.Win32.Generic 20181001
Microsoft Trojan:Win32/Fuerboos.C!cl 20181001
Rising Malware.Heuristic!ET#99% (RDM+:cmRtazqh4UHyXlDifC5NYIrR7Wkh) 20181001
SentinelOne (Static ML) static engine - malicious 20180926
Symantec ML.Attribute.HighConfidence 20181001
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180925
Ad-Aware 20181001
AegisLab 20181001
AhnLab-V3 20181001
Alibaba 20180921
ALYac 20181001
Antiy-AVL 20181001
Arcabit 20181001
Avast 20181001
Avast-Mobile 20181001
AVG 20181001
Avira (no cloud) 20181001
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181001
CAT-QuickHeal 20181001
ClamAV 20181001
CMC 20181001
Comodo 20181001
Cyren 20181001
DrWeb 20181001
eGambit 20181001
Emsisoft 20181001
F-Prot 20181001
F-Secure 20181001
Fortinet 20181001
GData 20181001
Ikarus 20181001
Jiangmin 20181001
K7AntiVirus 20181001
K7GW 20181001
Kingsoft 20181001
Malwarebytes 20181001
MAX 20181001
McAfee 20181001
McAfee-GW-Edition 20181001
eScan 20181001
NANO-Antivirus 20181001
Palo Alto Networks (Known Signatures) 20181001
Panda 20181001
Qihoo-360 20181001
Sophos AV 20181001
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20181001
TACHYON 20181001
Tencent 20181001
TheHacker 20181001
TotalDefense 20181001
TrendMicro 20181001
TrendMicro-HouseCall 20181001
Trustlook 20181001
VBA32 20181001
VIPRE 20181001
ViRobot 20181001
Webroot 20181001
Yandex 20180927
Zillya 20180928
Zoner 20180927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

Product The OpenSSL Toolkit
Original name libeay32.dll
Internal name libeay32
File version 1.0.0d
Description OpenSSL Shared Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-30 13:12:09
Entry Point 0x00526000
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_ICON 6
RT_MANIFEST 2
RT_GROUP_ICON 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 10
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.15

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.4

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
OpenSSL Shared Library

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
231936

EntryPoint
0x526000

OriginalFileName
libeay32.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1998-2005 The OpenSSL Project. Copyright 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.

FileVersion
1.0.0d

TimeStamp
2018:09:30 14:12:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
libeay32

ProductVersion
1.0.0d

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
The OpenSSL Project, http://www.openssl.org/

CodeSize
557568

ProductName
The OpenSSL Toolkit

ProductVersionNumber
1.0.0.4

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 67a805ee1d5a4ee4fc6a69539d46fb23
SHA1 f218cd38763c9c0a89c7a87cf6a563f31e631c5a
SHA256 61abc3582bca30517d8ed16dc9daf721e76461bbee1de1a17192159b156e503e
ssdeep
49152:VvOEgSIr6SfsKK7tN3ggUZzbClGTNlbWXd4f9I9bdau0B9hVF:CrDsKK773ggUZz2lGhlaIIyJ93F

authentihash c56722e76fe95feec8dacd4d798111f4e83c1b959d92e62f9d864f03b4405215
imphash 2eabe9054cad5152567f0699947a2c5b
File size 2.2 MB ( 2259456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-01 13:43:53 UTC ( 5 months, 2 weeks ago )
Last submission 2018-10-01 21:22:23 UTC ( 5 months, 2 weeks ago )
File names $RCCFJDZ.EXE
libeay32.dll
61abc3582bca30517d8ed16dc9daf721e76461bbee1de1a17192159b156e503e_7.exe
libeay32
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!