SHA256: 70d1052338ab2046785fd504e70411d300282b2d57cbeb95c6d4a94cf354778c
File name: output.113049857.txt
Detection ratio: 14 / 68
Analysis date: 2018-04-09 23:49:19 UTC ( 10 months, 2 weeks ago )
Antivirus Result Update
AVware Trojan.Win32.Generic.pak!cobra 20180409
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180409
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cybereason malicious.6c3ac0 20180225
Cylance Unsafe 20180410
Endgame malicious (high confidence) 20180403
Ikarus Trojan.Crypt2 20180409
Sophos ML heuristic 20180121
Kaspersky UDS:DangerousObject.Multi.Generic 20180409
Qihoo-360 HEUR/QVM03.0.65B9.Malware.Gen 20180410
SentinelOne (Static ML) static engine - malicious 20180225
Symantec ML.Attribute.HighConfidence 20180410
VIPRE Trojan.Win32.Generic.pak!cobra 20180409
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180409
Ad-Aware 20180409
AegisLab 20180409
AhnLab-V3 20180409
Alibaba 20180409
ALYac 20180409
Antiy-AVL 20180409
Arcabit 20180409
Avast 20180409
Avast-Mobile 20180409
AVG 20180409
Avira (no cloud) 20180409
BitDefender 20180409
Bkav 20180409
CAT-QuickHeal 20180409
ClamAV 20180409
CMC 20180409
Comodo 20180409
Cyren 20180409
DrWeb 20180409
eGambit 20180410
Emsisoft 20180409
ESET-NOD32 20180409
F-Prot 20180409
F-Secure 20180409
Fortinet 20180409
GData 20180409
Jiangmin 20180409
K7AntiVirus 20180409
K7GW 20180409
Kingsoft 20180410
Malwarebytes 20180409
MAX 20180410
McAfee 20180409
McAfee-GW-Edition 20180409
Microsoft 20180409
eScan 20180409
NANO-Antivirus 20180409
nProtect 20180409
Palo Alto Networks (Known Signatures) 20180410
Panda 20180409
Rising 20180409
Sophos AV 20180409
SUPERAntiSpyware 20180409
Symantec Mobile Insight 20180406
Tencent 20180410
TheHacker 20180404
TotalDefense 20180410
TrendMicro 20180410
TrendMicro-HouseCall 20180410
Trustlook 20180410
VBA32 20180409
ViRobot 20180409
Webroot 20180410
WhiteArmor 20180408
Yandex 20180408
Zillya 20180409
Zoner 20180409
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright 3cL7Kf1AXcf7bEceNGANnseups2hmSxqmgrDF7YN3iGf4h5UC7eNjYkKlDB
Product dDiOhdKALhvNfx9MjInq6MdK8JYPNgymTehCMebxzHQ3lgSi9LDLsoPbmmA
Original name adobe.exe
Internal name adobe.exe
File version 14.0.21.55
Description FzU09bNoih1i1BaGLB2etmYdtP11m6kbUun4K29UAkFcQdn5rf86wZSfvxC
Comments PRoCT66yazfqfpt5knlnYzDPuSAfvR1cmEN17367v5QeCLmOifl8uq0R0OH
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-09 18:53:45
Entry Point 0x0002DF4E
Number of sections 3
.NET details
Module Version ID 751714ee-0b83-436b-9f89-488fd5d14f5a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
FileDescription FzU09bNoih1i1BaGLB2etmYdtP11m6kbUun4K29UAkFcQdn5rf86wZSfvxC
Comments PRoCT66yazfqfpt5knlnYzDPuSAfvR1cmEN17367v5QeCLmOifl8uq0R0OH
InitializedDataSize 70144
ImageVersion 0.0
ProductName dDiOhdKALhvNfx9MjInq6MdK8JYPNgymTehCMebxzHQ3lgSi9LDLsoPbmmA
FileVersionNumber 14.0.21.55
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension exe
OriginalFileName adobe.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 14.0.21.55
TimeStamp 2018:04:09 19:53:45+01:00
FileType Win32 EXE
PEType PE32
InternalName adobe.exe
SubsystemVersion 4.0
ProductVersion 14.0.21.55
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
LegalCopyright 3cL7Kf1AXcf7bEceNGANnseups2hmSxqmgrDF7YN3iGf4h5UC7eNjYkKlDB
MachineType Intel 386 or later, and compatibles
CompanyName QU7La7RAXnh7MBvWVVbV2a5Nd8cvwZsOviOqFOEb6SFIBjooGrNW8O3hAoZ
CodeSize 180224
FileSubtype 0
ProductVersionNumber 14.0.21.55
EntryPoint 0x2df4e
ObjectFileType Executable application
AssemblyVersion 51.34.62.17

File identification
MD5 2acef722f6ea28711acebedf0aef4ba2
SHA1 5b25d446c3ac07c9bb46911e40e0f6158d18d0fd
SHA256 70d1052338ab2046785fd504e70411d300282b2d57cbeb95c6d4a94cf354778c
ssdeep 6144:ytrBpfNo3EYVEBoZwlLTvjfgGg5GG7cN5ZihOeygt1mEcbu:EjK3EYCBOwlLT7I0qcdiJV
authentihash bab3fec857f9179c2809d83ee15182c47de699dcd3d77a193bed1ff26e932181
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 245.0 KB ( 250880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe assembly
VirusTotal metadata
First submission 2018-04-09 23:49:19 UTC ( 10 months, 2 weeks ago )
Last submission 2018-04-09 23:49:19 UTC ( 10 months, 2 weeks ago )
File names output.113049857.txt
adobe.exe