× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6e4b366960df6eebd90e403d0c2ff4c2c24a60be9ed71daff71c24737507dd84
Detection ratio: 1 / 49
Analysis date: 2017-11-08 22:39:15 UTC ( 1 year, 3 months ago )
Antivirus Result Update
AegisLab Malware.Gen!c 20171109
Ad-Aware 20171109
AhnLab-V3 20171109
Alibaba 20170911
ALYac 20171109
Antiy-AVL 20171109
Arcabit 20171109
Avast-Mobile 20171109
Avira (no cloud) 20171109
Baidu 20171109
BitDefender 20171109
CAT-QuickHeal 20171109
ClamAV 20171109
CMC 20171109
Comodo 20171109
CrowdStrike Falcon (ML) 20171016
Cybereason 20171030
Cylance 20171109
Cyren 20171109
DrWeb 20171109
eGambit 20171109
Emsisoft 20171109
Endgame 20171024
ESET-NOD32 20171109
F-Secure 20171109
Fortinet 20171109
Ikarus 20171109
Sophos ML 20170914
K7AntiVirus 20171109
K7GW 20171109
Kaspersky 20171109
Kingsoft 20171109
MAX 20171109
eScan 20171109
NANO-Antivirus 20171109
nProtect 20171109
Palo Alto Networks (Known Signatures) 20171109
Panda 20171109
Qihoo-360 20171109
SentinelOne (Static ML) 20171019
Sophos AV 20171109
SUPERAntiSpyware 20171109
Symantec 20171109
Symantec Mobile Insight 20171109
Tencent 20171109
TheHacker 20171102
TotalDefense 20171109
TrendMicro-HouseCall 20171109
Trustlook 20171109
VBA32 20171109
VIPRE 20171109
ViRobot 20171109
Webroot 20171109
WhiteArmor 20171104
Yandex 20171108
Zillya 20171108
ZoneAlarm by Check Point 20171109
Zoner 20171109
The file being studied is a compressed stream! More specifically, it is a RAR file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
10598812
Highest datetime
2014-12-31 16:22:12
Lowest datetime
2014-12-31 16:22:12
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/x-rar-compressed

ModifyDate
2014:12:31 16:22:06

FileType
RAR

PackingMethod
Stored

CompressedSize
10598872

FileTypeExtension
rar

ArchivedFileName
This_War_of_Mine_TR_Yama_v1.00.exe

UncompressedSize
10598812

OperatingSystem
Win32

File identification
MD5 d3d47663f899108b441a881108369b6a
SHA1 a3d4b97a2bf4c249722ba4d80d4022b5e41bd330
SHA256 6e4b366960df6eebd90e403d0c2ff4c2c24a60be9ed71daff71c24737507dd84
ssdeep
196608:4NiCePVNMyO/2gOq2xPlRW41UzBQlaoAllbfzF1F+w4WVZ:4nONLpvxNRWLQsxrDLrZ

File size 10.1 MB ( 10598910 bytes )
File type RAR
Magic literal
Win32

TrID RAR compressed archive (v-4.x) (58.3%)
RAR compressed archive (gen) (41.6%)
Tags
nsis contains-pe rar upx

VirusTotal metadata
First submission 2015-01-11 20:23:33 UTC ( 4 years, 1 month ago )
Last submission 2017-11-08 22:39:15 UTC ( 1 year, 3 months ago )
File names TYTWOMTYV100.rar
24Nmi8wiDB.rar
file-7906671_rar
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspici.B3D8636C.

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!