× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6516471849724c05b355a6a3e292c930a1d5b797b1246d219814c866c1d9b7ff
File name: IBKK7B.JPG
Detection ratio: 43 / 68
Analysis date: 2018-09-18 22:14:13 UTC ( 8 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31054960 20180917
AegisLab Troj.W32.Generic!c 20180918
ALYac Trojan.GenericKD.31054960 20180918
Antiy-AVL Trojan/Win32.AGeneric 20180918
Arcabit Trojan.Generic.D1D9DC70 20180918
Avast Win32:Malware-gen 20180918
AVG Win32:Malware-gen 20180918
Avira (no cloud) HEUR/AGEN.1032380 20180918
BitDefender Trojan.GenericKD.31054960 20180918
CAT-QuickHeal Trojan.IGENERIC 20180918
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180918
Cyren W32/MSIL_Kryptik.AD.gen!Eldorado 20180918
Emsisoft Trojan.GenericKD.31054960 (B) 20180918
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of MSIL/Kryptik.MWY 20180918
F-Prot W32/MSIL_Kryptik.AD.gen!Eldorado 20180918
F-Secure Trojan.GenericKD.31054960 20180918
Fortinet MSIL/Kryptik.ONB!tr 20180918
GData Trojan.GenericKD.31054960 20180918
Ikarus Trojan.MSIL.Inject 20180918
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 005277121 ) 20180918
K7GW Trojan ( 005277121 ) 20180918
Kaspersky HEUR:Trojan.Win32.Generic 20180918
MAX malware (ai score=94) 20180918
McAfee RDN/Generic.grp 20180918
McAfee-GW-Edition BehavesLike.Win32.Generic.fc 20180918
Microsoft Trojan:Win32/Tiggre!rfn 20180918
eScan Trojan.GenericKD.31054960 20180918
NANO-Antivirus Trojan.Win32.Kryptik.ffbayp 20180918
Palo Alto Networks (Known Signatures) generic.ml 20180918
Panda Trj/GdSda.A 20180918
Qihoo-360 HEUR/QVM03.0.528C.Malware.Gen 20180918
Rising Trojan.Kryptik!8.8 (CLOUD) 20180918
SentinelOne (Static ML) static engine - malicious 20180830
Sophos AV Mal/MSIL-TY 20180918
Symantec Trojan.Gen.2 20180918
Tencent Win32.Trojan.Generic.Svhl 20180918
TrendMicro TROJ_GEN.R049C0PG818 20180918
TrendMicro-HouseCall TROJ_GEN.R049C0PG818 20180918
Yandex Trojan.Agent!y4RvndrKg1s 20180917
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180918
AhnLab-V3 20180918
Alibaba 20180713
Avast-Mobile 20180918
AVware 20180918
Babable 20180918
Baidu 20180914
Bkav 20180918
ClamAV 20180918
CMC 20180918
Comodo 20180918
Cybereason 20180225
DrWeb 20180918
eGambit 20180918
Jiangmin 20180918
Kingsoft 20180918
Malwarebytes 20180918
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180918
TACHYON 20180918
TheHacker 20180918
TotalDefense 20180918
Trustlook 20180918
VBA32 20180918
VIPRE 20180918
ViRobot 20180918
Webroot 20180918
Zillya 20180918
Zoner 20180917
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
dinosaur

Product element
Original name dictator.exe
Internal name caregiver
Description crew
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-07-06 03:45:19
Entry Point 0x0001795E
Number of sections 4
.NET details
Module Version ID 6b5faeba-a937-49c9-a9af-1a95b031cb07
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_HTML 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
GERMAN 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
235008

ImageVersion
0.0

ProductName
element

FileVersionNumber
0.0.0.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

FileTypeExtension
exe

OriginalFileName
dictator.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

TimeStamp
2018:07:06 05:45:19+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
caregiver

FileDescription
crew

OSVersion
4.0

FileOS
Unknown (0)

LegalCopyright
dinosaur

MachineType
Intel 386 or later, and compatibles

CodeSize
88576

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x1795e

ObjectFileType
Executable application

Execution parents
File identification
MD5 5665fa08c33f503f770344d8b225340c
SHA1 77b3c47efd424665eb1e178bd7842d26dcec3a92
SHA256 6516471849724c05b355a6a3e292c930a1d5b797b1246d219814c866c1d9b7ff
ssdeep
6144:puzKLVOA4YQRts3AG9Aw2QDFU1MduOzHOH5RzB:pTOHrf+2QD2ucO

authentihash 37ec9e18c3c9788931b8201af029f7a0287e7695b904bfe121fa58084d00756e
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 317.0 KB ( 324608 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (61.0%)
Win64 Executable (generic) (22.9%)
Win32 Dynamic Link Library (generic) (5.4%)
Win32 Executable (generic) (3.7%)
Win16/32 Executable Delphi generic (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-07-06 09:07:48 UTC ( 10 months, 3 weeks ago )
Last submission 2019-02-12 20:19:45 UTC ( 3 months, 1 week ago )
File names dictator.exe
IBKK7b.jpg
<SAMPLE.EXE>
codexgigas_77b3c47efd424665eb1e178bd7842d26dcec3a92
caregiver
6516471849724c05b355a6a3e292c930a1d5b797b1246d219814c866c1d9b7ff.exe
IBKK7B.JPG
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!