× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 72cb170e7aeba09466fb03d8a6806533b8e1060c888e5aa0038d2a95919d93b0
File name: okii.exe
Detection ratio: 11 / 68
Analysis date: 2018-04-22 23:48:22 UTC ( 10 months ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9988 20180421
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180418
Cybereason malicious.b7af8f 20180225
Cylance Unsafe 20180423
Endgame malicious (high confidence) 20180403
ESET-NOD32 a variant of MSIL/Kryptik.KGV 20180422
Sophos ML heuristic 20180121
McAfee-GW-Edition BehavesLike.Win32.Trojan.bc 20180423
Qihoo-360 HEUR/QVM03.0.AEB1.Malware.Gen 20180423
SentinelOne (Static ML) static engine - malicious 20180225
Symantec ML.Attribute.HighConfidence 20180422
Ad-Aware 20180422
AegisLab 20180422
AhnLab-V3 20180422
Alibaba 20180422
ALYac 20180422
Antiy-AVL 20180418
Arcabit 20180422
Avast 20180422
Avast-Mobile 20180422
AVG 20180422
Avira (no cloud) 20180422
AVware 20180422
Babable 20180406
BitDefender 20180422
Bkav 20180410
CAT-QuickHeal 20180422
ClamAV 20180422
CMC 20180422
Comodo 20180422
Cyren 20180422
DrWeb 20180422
eGambit 20180423
Emsisoft 20180422
F-Prot 20180422
F-Secure 20180405
Fortinet 20180422
GData 20180423
Ikarus 20180422
Jiangmin 20180422
K7AntiVirus 20180422
K7GW 20180422
Kaspersky 20180422
Kingsoft 20180423
Malwarebytes 20180422
MAX 20180423
McAfee 20180422
Microsoft 20180422
eScan 20180422
NANO-Antivirus 20180422
nProtect 20180422
Palo Alto Networks (Known Signatures) 20180423
Panda 20180422
Rising 20180422
Sophos AV 20180422
SUPERAntiSpyware 20180422
Symantec Mobile Insight 20180419
Tencent 20180423
TheHacker 20180423
TotalDefense 20180422
TrendMicro 20180422
TrendMicro-HouseCall 20180423
Trustlook 20180423
VBA32 20180420
VIPRE 20180422
ViRobot 20180422
Webroot 20180423
Yandex 20180420
Zillya 20180420
ZoneAlarm by Check Point 20180422
Zoner 20180422
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Advantica Restaurant Group, Inc.

Product IIS request monitor
Original name okii.exe
Internal name okii.exe
File version 4.5.28.2
Description IIS request monitor
Comments jmpym3qkvdw
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-07-14 01:35:07
Entry Point 0x000B19DE
Number of sections 3
.NET details
Module Version ID 2a8d5834-d145-47b5-8e00-b44c3a21c2b8
TypeLib ID fb8d598d-d7ef-4bce-9371-cc52fc001b45
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
jmpym3qkvdw

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.5.28.2

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
IIS request monitor

CharacterSet
Unicode

InitializedDataSize
2560

EntryPoint
0xb19de

OriginalFileName
okii.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Advantica Restaurant Group, Inc.

FileVersion
4.5.28.2

TimeStamp
2017:07:14 02:35:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
okii.exe

ProductVersion
4.5.28.2

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Advantica Restaurant Group, Inc.

CodeSize
719360

ProductName
IIS request monitor

ProductVersionNumber
4.5.28.2

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 48e5a02d0ee2f10903cb3cf609c1cd66
SHA1 4b94e30b7af8fca7dca0deb8dfc65b0fecb8da30
SHA256 72cb170e7aeba09466fb03d8a6806533b8e1060c888e5aa0038d2a95919d93b0
ssdeep
12288:Lc5R6mL7aq/+eh9NS6tp7i1jPay5nIneiN2ipZqd/M2VaZYu9t9BjVh8X2K:Gyq/xh9NS8u177nIneo2aZ2/M2mYx2

authentihash f9c31c5356cfa3742e3e3e76096ff9ee0f717d520aafdb80cc2ad51caf5e53a3
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 705.5 KB ( 722432 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-04-22 23:48:22 UTC ( 10 months ago )
Last submission 2018-04-24 08:48:47 UTC ( 10 months ago )
File names okii.exe
output.113151031.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!