SHA256: 6893d15f2a8609a99929ad652b568f8a3361a6244e3293f92a0e7e2be116ea72
File name: 4fc8e5a67b1716d58950aa29880268b3a810dc1c
Detection ratio: 44 / 57
Analysis date: 2016-04-15 02:10:09 UTC ( 11 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Zbot.7403 20160415
AhnLab-V3 Trojan/Win32.Ransomlock 20160414
ALYac Trojan.Zbot.7403 20160415
Antiy-AVL Trojan[Spy]/Win32.Zbot 20160415
Arcabit Trojan.Zbot.D1CEB 20160415
Avast Win32:Injector-BTR [Trj] 20160415
AVG Crypt3.EVY 20160415
Avira (no cloud) TR/Crypt.ZPACK.Gen2 20160414
AVware Trojan-Ransom.Win32.Crypren.pql (v) 20160415
Baidu-International Trojan.Win32.Zbot.AAO 20160414
BitDefender Trojan.Zbot.7403 20160415
Bkav HW32.Packed.974E 20160414
CAT-QuickHeal Trojan.CeeInject.A4 20160414
Comodo TrojWare.Win32.Injector.BALM 20160415
DrWeb Trojan.Winlock.9017 20160415
Emsisoft Trojan.Zbot.7403 (B) 20160415
ESET-NOD32 Win32/Spy.Zbot.AAO 20160415
F-Secure Trojan.Zbot.7403 20160415
Fortinet W32/Kryptik.BYE!tr 20160413
GData Trojan.Zbot.7403 20160415
Ikarus Trojan.Inject2 20160414
Jiangmin KVBASE 20160415
K7AntiVirus Trojan ( 004978b91 ) 20160414
K7GW Trojan ( 004978b91 ) 20160415
Kaspersky HEUR:Trojan.Win32.Generic 20160415
Kingsoft Win32.Troj.Undef.(kcloud) 20160415
Malwarebytes Trojan.Agent.ED 20160415
McAfee Generic-FAUT!A2131D8DF871 20160415
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.fc 20160415
Microsoft Trojan:Win32/Bagsu!rfn 20160415
eScan Trojan.Zbot.7403 20160415
NANO-Antivirus Trojan.Win32.Winlock.dscwmp 20160415
nProtect Trojan-Spy/W32.ZBot.312320.YA 20160414
Panda Generic Malware 20160414
Qihoo-360 HEUR/Malware.QVM20.Gen 20160415
Rising PE:Malware.Generic/QRS!1.9E2D [F] 20160415
Sophos Troj/HkMain-Y 20160414
Symantec Trojan.Zbot 20160415
Tencent Win32.Trojan.Generic.Lipv 20160415
TrendMicro TSPY_ZBOT.YYDDD 20160415
TrendMicro-HouseCall TSPY_ZBOT.YYDDD 20160415
VBA32 Trojan.Cidox 20160414
VIPRE Trojan-Ransom.Win32.Crypren.pql (v) 20160415
Yandex TrojanSpy.Zbot!EIcuKsu2RbY 20160414
AegisLab 20160414
Alibaba 20160414
Baidu 20160414
ClamAV 20160414
CMC 20160412
Cyren 20160415
F-Prot 20160415
SUPERAntiSpyware 20160415
TheHacker 20160414
TotalDefense 20160415
ViRobot 20160415
Zillya 20160414
Zoner 20160415
File identification
MD5 a2131d8df8713f5be64b69d20c52a262
SHA1 4fc8e5a67b1716d58950aa29880268b3a810dc1c
SHA256 6893d15f2a8609a99929ad652b568f8a3361a6244e3293f92a0e7e2be116ea72
ssdeep 6144:IAaQec+H/r9eQqHNCA20ZCe+aF2CpMzTJKwWwlfMxhO0Z1meFto1T4ZPk:IAaQez+HNCxe+aFjpMzdWwlfSOJOZPk

authentihash d2ed1ab020c6c2cbcfb4f03522450fda35f6232548bff6860863cc8719090f9f
File size 305.0 KB ( 312320 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe

VirusTotal metadata
First submission 2014-03-26 18:31:47 UTC ( 3 years ago )
Last submission 2014-03-26 18:31:47 UTC ( 3 years ago )
File names 4fc8e5a67b1716d58950aa29880268b3a810dc1c
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.