× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7145224d260ac8703f839cd266400abcbd64e174089dfab4e0b14806aa644820
File name: APKSSL230459.exe
Detection ratio: 12 / 68
Analysis date: 2018-08-12 15:41:27 UTC ( 7 months, 2 weeks ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9992 20180810
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.d01e10 20180225
Cylance Unsafe 20180812
Cyren W32/MSIL_Kryptik.BX.gen!Eldorado 20180812
ESET-NOD32 a variant of MSIL/Kryptik.PFC 20180812
F-Prot W32/MSIL_Kryptik.BX.gen!Eldorado 20180812
Sophos ML heuristic 20180717
McAfee-GW-Edition BehavesLike.Win32.Generic.ht 20180812
Qihoo-360 HEUR/QVM03.0.2299.Malware.Gen 20180812
SentinelOne (Static ML) static engine - malicious 20180701
Symantec ML.Attribute.HighConfidence 20180811
Ad-Aware 20180812
AegisLab 20180812
AhnLab-V3 20180812
Alibaba 20180713
ALYac 20180812
Antiy-AVL 20180812
Arcabit 20180812
Avast 20180812
Avast-Mobile 20180812
AVG 20180812
Avira (no cloud) 20180812
AVware 20180812
Babable 20180725
BitDefender 20180812
Bkav 20180810
CAT-QuickHeal 20180812
ClamAV 20180812
CMC 20180812
Comodo 20180812
DrWeb 20180812
eGambit 20180812
Emsisoft 20180812
Endgame 20180730
F-Secure 20180812
Fortinet 20180812
GData 20180812
Ikarus 20180812
Jiangmin 20180812
K7AntiVirus 20180812
K7GW 20180812
Kaspersky 20180812
Kingsoft 20180812
Malwarebytes 20180812
MAX 20180812
McAfee 20180812
Microsoft 20180812
eScan 20180812
NANO-Antivirus 20180812
Palo Alto Networks (Known Signatures) 20180812
Panda 20180812
Rising 20180812
Sophos AV 20180812
SUPERAntiSpyware 20180812
Symantec Mobile Insight 20180809
TACHYON 20180812
Tencent 20180812
TheHacker 20180812
TotalDefense 20180812
TrendMicro 20180812
TrendMicro-HouseCall 20180812
Trustlook 20180812
VBA32 20180810
VIPRE 20180812
ViRobot 20180812
Webroot 20180812
Yandex 20180810
Zillya 20180812
ZoneAlarm by Check Point 20180812
Zoner 20180811
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Hughes Supply Inc.

Product Dynamic IP Restriction Module
Original name DOMINGO.exe
Internal name DOMINGO.exe
File version 15.12.34.4
Description Dynamic IP Restriction Module
Comments uwezupesurizawazoduwakeq
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1977-11-07 17:17:07
Entry Point 0x0009600A
Number of sections 5
.NET details
Module Version ID 3c352797-a9b8-4407-9bb3-aaeb4066244c
TypeLib ID aef043bc-f320-4044-b1a4-6be983b03684
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
uwezupesurizawazoduwakeq

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
15.12.34.4

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Dynamic IP Restriction Module

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
557056

EntryPoint
0x9600a

OriginalFileName
DOMINGO.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Hughes Supply Inc.

FileVersion
15.12.34.4

TimeStamp
1977:11:07 18:17:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
DOMINGO.exe

ProductVersion
15.12.34.4

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Hughes Supply Inc.

CodeSize
25600

ProductName
Dynamic IP Restriction Module

ProductVersionNumber
15.12.34.4

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 f020ac2bb24700cd2774bb191132c633
SHA1 ee637f8d01e107fcb6c1dcd8eda56127e7843d0b
SHA256 7145224d260ac8703f839cd266400abcbd64e174089dfab4e0b14806aa644820
ssdeep
6144:Xt2MVxyahQlE6aOgq6PYaXTcWqgqd/KUhUii:XtX/kUYcPqdrB

authentihash c5a5a2604a98fe9f408c14c555f3bc388d2b5d4eecd9f1000d686fca7caa88e1
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 570.0 KB ( 583680 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-08-12 15:41:27 UTC ( 7 months, 2 weeks ago )
Last submission 2018-08-12 20:36:36 UTC ( 7 months, 2 weeks ago )
File names output.113736514.txt
Apkwins465.exe
APKSSL230459.exe
DOMINGO.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!