SHA256: 7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069
File name: 7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069
Detection ratio: 7 / 66
Analysis date: 2018-01-24 12:30:03 UTC ( 1 year, 3 months ago )
Antivirus Result Update
Avast Win64:Malware-gen 20180124
AVG Win64:Malware-gen 20180124
Avira (no cloud) TR/AD.Gojdue.hrhsh 20180124
AVware Trojan.Win32.Generic!BT 20180124
Cylance Unsafe 20180124
eGambit Unsafe.AI_Score_97% 20180124
VIPRE Trojan.Win32.Generic!BT 20180124
Ad-Aware 20180124
AegisLab 20180124
AhnLab-V3 20180124
Alibaba 20180124
ALYac 20180124
Antiy-AVL 20180124
Arcabit 20180124
Avast-Mobile 20180123
Baidu 20180124
BitDefender 20180124
Bkav 20180124
CAT-QuickHeal 20180124
ClamAV 20180124
CMC 20180124
Comodo 20180124
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cyren 20180124
DrWeb 20180124
Emsisoft 20180124
Endgame 20171130
ESET-NOD32 20180124
F-Prot 20180124
Fortinet 20180124
GData 20180124
Ikarus 20180124
Sophos ML 20180121
Jiangmin 20180124
K7AntiVirus 20180124
K7GW 20180124
Kaspersky 20180124
Kingsoft 20180124
Malwarebytes 20180124
MAX 20180124
McAfee 20180124
McAfee-GW-Edition 20180124
Microsoft 20180124
eScan 20180124
NANO-Antivirus 20180124
nProtect 20180124
Palo Alto Networks (Known Signatures) 20180124
Panda 20180123
Qihoo-360 20180124
Rising 20180124
SentinelOne (Static ML) 20180115
Sophos AV 20180124
SUPERAntiSpyware 20180124
Symantec 20180124
Symantec Mobile Insight 20180124
Tencent 20180124
TheHacker 20180119
TotalDefense 20180124
TrendMicro 20180124
TrendMicro-HouseCall 20180124
Trustlook 20180124
VBA32 20180124
ViRobot 20180124
Webroot 20180124
Yandex 20180112
Zillya 20180123
ZoneAlarm by Check Point 20180124
Zoner 20180124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Packers identified
F-PROT appended, embedded
PE header basic information
Target machine x64
Entry Point 0x00057C70
Number of sections 12
PE sections
PE imports
GetStdHandle
GetSystemInfo
LoadLibraryW
WaitForSingleObject
SetEvent
ExitProcess
GetEnvironmentStringsW
LoadLibraryA
GetQueuedCompletionStatus
SwitchToThread
GetConsoleMode
SetConsoleCtrlHandler
CreateIoCompletionPort
SetProcessPriorityBoost
SetErrorMode
FreeEnvironmentStringsW
GetProcAddress
CreateThread
SetUnhandledExceptionFilter
WriteFile
CloseHandle
DuplicateHandle
AddVectoredExceptionHandler
GetProcessAffinityMask
VirtualFree
CreateEventA
SetWaitableTimer
VirtualAlloc
WriteConsoleW
timeEndPeriod
timeBeginPeriod
WSAGetOverlappedResult
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
AMD AMD64

FileTypeExtension
exe

TimeStamp
0000:00:00 00:00:00

FileType
Win64 EXE

PEType
PE32+

CodeSize
3636224

LinkerVersion
3.0

ImageFileCharacteristics
No relocs, Executable, Large address aware, No debug

EntryPoint
0x57c70

InitializedDataSize
217088

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 493640f022a7ac07ad4e8d6f2cd3740e
SHA1 4c4a1df308e415ab356d93ff4c5884f551e40cf5
SHA256 7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069
ssdeep 49152:U6q9fOpwcf1pHot9E4IaCf1kin7N0Iu1YES/N4ggvewaFSenC00qTQeVptYt1dmT:ofk3oC9n7N0Iu19SV4ISeLQevtYVmS

authentihash 746d1fb55598ca1b1c883a844033974515c6bbc9ee87efb13291a653361182a3
imphash 96c44fa1eee2c4e9b9e77d7bf42d59e6
File size 5.3 MB ( 5580288 bytes )
File type Win32 EXE
Magic literal PE32+ executable for MS Windows (GUI) Mono/.Net assembly

TrID Win64 Executable (generic) (82.0%)
OS/2 Executable (generic) (6.0%)
Generic Win/DOS Executable (5.9%)
DOS Executable Generic (5.9%)
VXD Driver (0.0%)
Tags 64bits peexe assembly

VirusTotal metadata
First submission 2018-01-24 12:30:03 UTC ( 1 year, 3 months ago )
Last submission 2018-10-04 21:47:44 UTC ( 7 months, 2 weeks ago )
File names 493640f022a7ac07ad4e8d6f2cd3740e.virus
7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069
7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069
493640f022a7ac07ad4e8d6f2cd3740e.bin
Advanced heuristic and reputation engines