× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6386ad1cc169c6320272cca2b142396bac2b499ebb056efd5b6dcb17e5260f42
File name: 442730
Detection ratio: 1 / 58
Analysis date: 2016-03-26 12:39:02 UTC ( 2 years, 12 months ago ) View latest
Antivirus Result Update
TheHacker Trojan/Dm.amr 20160325
Ad-Aware 20160326
AegisLab 20160326
Yandex 20160316
AhnLab-V3 20160326
Alibaba 20160323
ALYac 20160326
Antiy-AVL 20160326
Arcabit 20160326
Avast 20160326
AVG 20160326
Avira (no cloud) 20160325
AVware 20160326
Baidu 20160325
Baidu-International 20160326
BitDefender 20160326
Bkav 20160326
ByteHero 20160326
CAT-QuickHeal 20160326
ClamAV 20160325
CMC 20160322
Comodo 20160326
Cyren 20160326
DrWeb 20160326
Emsisoft 20160326
ESET-NOD32 20160326
F-Prot 20160326
F-Secure 20160326
Fortinet 20160326
GData 20160326
Ikarus 20160326
Jiangmin 20160326
K7AntiVirus 20160326
K7GW 20160323
Kaspersky 20160326
Kingsoft 20160326
Malwarebytes 20160326
McAfee 20160326
McAfee-GW-Edition 20160326
Microsoft 20160326
eScan 20160326
NANO-Antivirus 20160326
nProtect 20160325
Panda 20160326
Qihoo-360 20160326
Rising 20160326
Sophos AV 20160326
SUPERAntiSpyware 20160326
Symantec 20160326
Tencent 20160326
TotalDefense 20160326
TrendMicro 20160326
TrendMicro-HouseCall 20160326
VBA32 20160325
VIPRE 20160326
ViRobot 20160326
Zillya 20160326
Zoner 20160326
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
4
Uncompressed size
4703862
Highest datetime
2013-10-01 06:38:10
Lowest datetime
2008-10-02 13:24:34
Contained files by extension
rtf
2
txt
1
exe
1
Contained files by type
RTF
2
unknown
1
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xa1d42549

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
55625

ZipCompressedSize
5973

FileTypeExtension
zip

ZipFileName
readme.rtf

ZipBitFlag
0

ZipModifyDate
2012:10:06 17:56:16

File identification
MD5 c23c7fe61ec749a4e9458b5b9fb8d011
SHA1 84ec52f697f1f2f85477a8163581fbf5946d9c10
SHA256 6386ad1cc169c6320272cca2b142396bac2b499ebb056efd5b6dcb17e5260f42
ssdeep
98304:dqJyS/5YKrNIGXok1gFuIZAnx/4r6CKWQWy/RH:YJyc5frNIOokkuymyr6CTC/R

File size 3.9 MB ( 4071462 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2013-10-20 02:57:14 UTC ( 5 years, 5 months ago )
Last submission 2016-06-02 23:47:06 UTC ( 2 years, 9 months ago )
File names setup_5.zip
myfile
1441325703-setup_5.zip
442730
setup_5.zip
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0818.

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!