× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 67fe903d5f661a4b19340f773bc94ac3e0ea8f46f459d552fe868731ae6175f7
File name: best.exe_
Detection ratio: 20 / 69
Analysis date: 2018-09-25 07:14:09 UTC ( 7 months, 4 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Ursu.220124 20180925
ALYac Gen:Variant.Ursu.220124 20180925
Arcabit Trojan.Ursu.D35BDC 20180925
BitDefender Gen:Variant.Ursu.220124 20180925
Bkav W32.HfsAutoB. 20180924
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20180925
Emsisoft Gen:Variant.Ursu.220124 (B) 20180925
Endgame malicious (high confidence) 20180730
F-Secure Gen:Variant.Ursu.220124 20180925
GData Gen:Variant.Ursu.220124 20180925
Ikarus Win32.Outbreak 20180924
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20180925
MAX malware (ai score=85) 20180925
Microsoft Trojan:Win32/Fuerboos.E!cl 20180925
eScan Gen:Variant.Ursu.220124 20180925
Qihoo-360 HEUR/QVM19.1.18EB.Malware.Gen 20180925
Rising Malware.Heuristic!ET#93% (RDM+:cmRtazrAWy4XN9Nrg6YGS8D4P/fi) 20180925
SentinelOne (Static ML) static engine - malicious 20180830
AegisLab 20180925
AhnLab-V3 20180924
Alibaba 20180921
Antiy-AVL 20180925
Avast 20180925
Avast-Mobile 20180925
AVG 20180925
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180924
Comodo 20180925
Cybereason 20180225
Cyren 20180925
DrWeb 20180925
eGambit 20180925
ESET-NOD32 20180925
F-Prot 20180925
Fortinet 20180925
Jiangmin 20180925
K7AntiVirus 20180925
K7GW 20180925
Kingsoft 20180925
Malwarebytes 20180925
McAfee 20180925
McAfee-GW-Edition 20180925
NANO-Antivirus 20180925
Palo Alto Networks (Known Signatures) 20180925
Panda 20180924
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec 20180925
Symantec Mobile Insight 20180924
TACHYON 20180925
Tencent 20180925
TheHacker 20180924
TotalDefense 20180925
TrendMicro 20180925
TrendMicro-HouseCall 20180925
Trustlook 20180925
VBA32 20180924
VIPRE 20180925
ViRobot 20180924
Webroot 20180925
Yandex 20180924
Zillya 20180924
ZoneAlarm by Check Point 20180925
Zoner 20180924
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C) 2016 philandro Software GmbH

Product AnyDesk
File version 3.2.4.0
Description AnyDesk
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x004FB000
Number of sections 6
PE sections
PE imports
InitCommonControls
Number of PE resources by type
RT_BITMAP 38
RT_RCDATA 32
RT_STRING 18
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_ICON 3
RT_DIALOG 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 81
RUSSIAN 22
ARABIC EGYPT 4
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
2.25

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.2.4.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
AnyDesk

ImageFileCharacteristics
Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Windows, Latin1

InitializedDataSize
404480

EntryPoint
0x4fb000

MIMEType
application/octet-stream

LegalCopyright
(C) 2016 philandro Software GmbH

FileVersion
3.2.4.0

TimeStamp
1992:06:20 00:22:17+02:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
3.2

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
philandro Software GmbH

CodeSize
605184

ProductName
AnyDesk

ProductVersionNumber
0.0.0.0

Warning
Possibly corrupt Version resource

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 2515bd45c12e30be94ed6790c9c892ab
SHA1 5ba8d18b0b74fc5bb3745ee07a464bffc79768fb
SHA256 67fe903d5f661a4b19340f773bc94ac3e0ea8f46f459d552fe868731ae6175f7
ssdeep
49152:+kItzT0ey1C0bvSMn1v/Mr2WMkxoVypXzZoLwM86YsrTi:2tzTVMC5M13kUkoEM81Ou

authentihash d92e8d1e61b02ce4ac516a65a1ce802834a30238bf4d18bb6ed62d5e4a5e43a3
imphash baa93d47220682c04d92f7797d9224ce
File size 2.0 MB ( 2066944 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (35.7%)
Win16/32 Executable Delphi generic (16.4%)
OS/2 Executable (generic) (16.0%)
Generic Win/DOS Executable (15.8%)
DOS Executable Generic (15.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-09-25 07:14:09 UTC ( 7 months, 4 weeks ago )
Last submission 2018-09-25 07:14:09 UTC ( 7 months, 4 weeks ago )
File names best.exe
best.exe_
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs