× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6ba553551c4f2f8aada2a35e2d03ddeb14c91d822cf21e908f50e77287c250d4
File name: ubot.studio5.PSEUDOBYTE.zip
Detection ratio: 26 / 58
Analysis date: 2017-07-05 05:56:27 UTC ( 1 year, 10 months ago ) View latest
Antivirus Result Update
AegisLab Troj.Confuser.Phzhy!c 20170705
ALYac Trojan.Generic.21553708 20170705
Antiy-AVL Trojan/Win32.BTSGeneric 20170705
Arcabit Trojan.Generic.D148E22C 20170705
Avast Win32:Malware-gen 20170705
AVG Win32:Malware-gen 20170705
Avira (no cloud) TR/Confuser.phzhy 20170704
AVware Trojan.Win32.Generic!BT 20170705
Baidu Multi.Threats.InArchive 20170705
BitDefender Trojan.Generic.21553708 20170705
Comodo UnclassifiedMalware 20170705
Cyren W32/Trojan.KUJH-0813 20170705
Emsisoft Trojan.Generic.21553708 (B) 20170705
ESET-NOD32 a variant of MSIL/Packed.Confuser.J suspicious 20170705
F-Secure Trojan.Generic.21553708 20170705
Fortinet PossibleThreat 20170629
GData Trojan.Generic.21553708 20170705
Sophos ML heuristic 20170607
K7AntiVirus Trojan ( 004b89791 ) 20170705
K7GW Trojan ( 004b89791 ) 20170705
MAX malware (ai score=83) 20170705
McAfee Artemis!7E05ED90A026 20170705
eScan Trojan.Generic.21553708 20170705
TrendMicro-HouseCall TROJ_GE.00761185 20170705
Yandex Riskware.Confuser! 20170704
Zillya Trojan.Selltim.Win32.1155 20170701
Ad-Aware 20170705
AhnLab-V3 20170704
Alibaba 20170705
CAT-QuickHeal 20170705
ClamAV 20170705
CMC 20170705
CrowdStrike Falcon (ML) 20170420
DrWeb 20170705
Endgame 20170629
F-Prot 20170705
Ikarus 20170704
Jiangmin 20170705
Kaspersky 20170705
Kingsoft 20170705
Malwarebytes 20170705
McAfee-GW-Edition 20170704
Microsoft 20170705
NANO-Antivirus 20170705
nProtect 20170705
Palo Alto Networks (Known Signatures) 20170705
Panda 20170704
Qihoo-360 20170705
Rising 20170705
SentinelOne (Static ML) 20170516
Sophos AV 20170705
SUPERAntiSpyware 20170704
Symantec 20170705
Symantec Mobile Insight 20170705
Tencent 20170705
TheHacker 20170704
Trustlook 20170705
VBA32 20170630
VIPRE 20170705
ViRobot 20170705
Webroot 20170705
WhiteArmor 20170627
ZoneAlarm by Check Point 20170705
Zoner 20170705
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
293
Uncompressed size
61480308
Highest datetime
2017-07-04 05:55:32
Lowest datetime
2014-04-17 22:25:00
Contained files by extension
nsh
86
nlf
58
dll
42
bmp
33
ico
31
exe
10
txt
2
bin
1
nfo
1
aff
1
dic
1
dat
1
ini
1
Contained files by type
unknown
184
Portable Executable
58
BMP
33
directory
17
XML
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x00000000

FileType
ZIP

ZipCompression
None

ZipUncompressedSize
0

ZipCompressedSize
0

FileTypeExtension
zip

ZipFileName
ubot.studio5.PSEUDOBYTE/

ZipBitFlag
0

ZipModifyDate
2017:07:04 05:55:32

Compressed bundles
File identification
MD5 236dfea9a4645efdaf4c843697c64c4a
SHA1 890f13a4a411696bcf3a7acdf408824627ef5558
SHA256 6ba553551c4f2f8aada2a35e2d03ddeb14c91d822cf21e908f50e77287c250d4
ssdeep
786432:roYRa3ByCJbXj+QWPzIm+OxfFDUCqM6tHwho:roYgRyyXj+QWPzIm+OlFDUvM6tHwho

File size 27.3 MB ( 28615427 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID Mozilla Firefox browser extension (61.5%)
ZIP compressed archive (30.7%)
PrintFox/Pagefox bitmap (var. P) (7.6%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2017-07-05 05:17:10 UTC ( 1 year, 10 months ago )
Last submission 2018-06-23 14:25:33 UTC ( 11 months ago )
File names ubot.studio5.PSEUDOBYTE.zip
ubot.studio5.pseudobyte.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!