SHA256: 67fcfc2a8a4fdcd1309450455f1a532ee8fb92d858c0857ca9b49ea4a84a3399
File name: Case_1527870.zip
Detection ratio: 43 / 55
Analysis date: 2016-01-07 03:30:10 UTC ( 2 years, 11 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2708428 20160106
Yandex Trojan.DL.Upatre! 20160105
ALYac Trojan.GenericKD.2708428 20160106
Antiy-AVL Trojan[Downloader]/Win32.Upatre 20160106
Avast Sf:ShellCode-FT [Trj] 20160106
AVG Crypt_s.JCU 20160106
Avira (no cloud) TR/Injector.hgf 20160106
AVware Trojan.Win32.Generic!BT 20160106
Baidu-International Trojan.Win32.Upatre.escm 20160105
BitDefender Trojan.GenericKD.2708428 20160106
CAT-QuickHeal TrojanDwnldr.Upatre.BX6 20160105
Comodo TrojWare.Win32.TrojanDownloader.Waski.NOM 20160106
Cyren W32/Backdoor.QERS-8605 20160106
Emsisoft Trojan.GenericKD.2708428 (B) 20160106
ESET-NOD32 Win32/TrojanDownloader.Waski.Z 20160106
F-Prot W32/Backdoor2.HZRW 20160106
F-Secure Trojan.GenericKD.2708428 20160106
Fortinet W32/Upatre.ESCM!tr.dldr 20160106
GData Trojan.GenericKD.2708428 20160106
Ikarus Trojan-Downloader.Win32.Waski 20160106
Jiangmin TrojanDownloader.Upatre.tts 20160105
K7AntiVirus Trojan ( 7000000c1 ) 20160105
K7GW Trojan-Downloader ( 004cd6141 ) 20160106
Kaspersky Trojan-Downloader.Win32.Upatre.escm 20160106
Malwarebytes Trojan.Upatre 20160106
McAfee Generic.xg 20160106
McAfee-GW-Edition BehavesLike.Downloader.lc 20160106
Microsoft TrojanDownloader:Win32/Upatre 20160106
eScan Trojan.GenericKD.2708428 20160106
NANO-Antivirus Trojan.Win32.Trojan.dxrrsj 20160106
nProtect Trojan.GenericKD.2708428 20160105
Panda Trj/WLT.B 20160105
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20160107
Rising PE:Malware.RDM.22!5.1C [F] 20160105
Sophos AV Mal/DrodZp-A 20160106
TotalDefense Heur/Downloader.ZALX!suspicious 20160105
TrendMicro TROJ_UP.EDB42858 20160106
TrendMicro-HouseCall TROJ_UP.EDB42858 20160106
VBA32 TrojanDownloader.Upatre 20160105
VIPRE Trojan.Win32.Generic!BT 20160106
ViRobot Trojan.Win32.Upatre.30208.AG[h] 20160106
Zillya Downloader.Upatre.Win32.53268 20160106
Zoner Trojan.Upatre 20160106
AegisLab 20160105
AhnLab-V3 20160105
Alibaba 20160106
Arcabit 20160106
Bkav 20160105
ByteHero 20160107
ClamAV 20160105
CMC 20160104
DrWeb 20160106
SUPERAntiSpyware 20160106
Symantec 20160105
TheHacker 20160103
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files 1
Uncompressed size 30208
Highest datetime 2015-09-07 00:48:56
Lowest datetime 2015-09-07 00:48:56
Contained files by extension
scr 1
Contained files by type
Portable Executable 1
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0xe66fc40f
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 30208
ZipCompressedSize 15919
FileTypeExtension zip
ZipFileName Case_0043258.scr
ZipBitFlag 0
ZipModifyDate 2015:09:07 00:48:28

File identification
MD5 0b656cf2d1ea931b7c5d882ec68e45bf
SHA1 97b0c0dd4b774c19a64c1575b946696ee8044c91
SHA256 67fcfc2a8a4fdcd1309450455f1a532ee8fb92d858c0857ca9b49ea4a84a3399
ssdeep 192:8EQeenBQFDQO+nnnnnnQQN99VKmWa7EZbgNGHioIxq+T6334PHytBblWzZfRYgo7:8EQ1KNuP3NoioEqO6H6HphyhMOE/701J
File size 15.7 KB ( 16049 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (100.0%)
Tags contains-pe attachment zip

VirusTotal metadata
First submission 2015-09-07 11:35:40 UTC ( 3 years, 3 months ago )
Last submission 2015-09-08 08:29:03 UTC ( 3 years, 3 months ago )
File names 97B0C0DD4B774C19A64C1575B946696EE8044C91
39dfbfe488ff99d77ac0d6614dbbb8cd
Case_9938276.zip
Case_4106067.zip
Case_5760566.zip
Case_8721714.zip
2be88a5291177991c8d686b9355fa56d
97b0c0dd4b774c19a64c1575b946696ee8044c91.zip
Case_1527870.zip
Case_0762123.zip
Case_0129407.zip
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0907.
