SHA256: 745a29734e00f669d4b90b1197dad7b7f7e1781ba2e910b78430f5f643ee8e00
File name: DE06A520DDFBEB972C29DAC995422C7E91B00424.apk
Detection ratio: 53 / 63
Analysis date: 2017-12-08 10:13:41 UTC ( 3 days, 5 hours ago )
Antivirus Result Update
AegisLab W32.W.Cridex.pox!c 20171208
AhnLab-V3 Spyware/Win32.Zbot.R153506 20171208
ALYac Trojan.AgentWDCR.QD 20171208
Antiy-AVL Worm/Win32.Cridex 20171208
Arcabit Trojan.AgentWDCR.QD 20171208
Avast Win32:Cridex-AD [Trj] 20171208
AVG Win32:Cridex-AD [Trj] 20171208
Avira (no cloud) WORM/Cridex.E.562 20171208
AVware Worm.Win32.Cridex.ac (v) 20171208
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20171208
BitDefender Trojan.AgentWDCR.QD 20171208
CAT-QuickHeal Worm.Cridex 20171208
ClamAV Win.Trojan.Emotet-6378875-0 20171208
Comodo UnclassifiedMalware 20171208
Cylance Unsafe 20171208
Cyren W32/Trojan.EHYM-2903 20171208
DrWeb Trojan.Necurs.97 20171208
Emsisoft Trojan.AgentWDCR.QD (B) 20171208
ESET-NOD32 Win32/Cridex.AA 20171208
F-Prot W32/Trojan2.OCUJ 20171208
F-Secure Trojan.AgentWDCR.QD 20171208
Fortinet W32/Kryptik.BSHF!tr 20171208
GData Trojan.AgentWDCR.QD 20171208
Ikarus Worm.Cridex 20171208
Sophos ML heuristic 20170914
Jiangmin Worm/Cridex.ht 20171208
K7AntiVirus Trojan ( 004939511 ) 20171208
K7GW Trojan ( 004939511 ) 20171208
Kaspersky Worm.Win32.Cridex.pox 20171208
Kingsoft VIRUS_UNKNOWN 20171208
Malwarebytes Spyware.Zbot 20171208
MAX malware (ai score=100) 20171208
McAfee Generic.sh 20171208
McAfee-GW-Edition BehavesLike.PUPXAQ.cc 20171208
Microsoft Worm:Win32/Cridex.E 20171208
eScan Trojan.AgentWDCR.QD 20171208
NANO-Antivirus Trojan.Win32.Cridex.ctibbt 20171208
Panda Trj/WLT.A 20171208
Qihoo-360 Win32/Trojan.894 20171208
Rising Worm.Win32.Cridex.ai (CLASSIC) 20171208
Sophos AV Mal/Emotet-A 20171208
Symantec SecurityRisk.gen1 20171208
Tencent Win32.Worm.Cridex.Lkxh 20171208
TheHacker Trojan/Cridex.aa 20171205
TotalDefense Win32/Cridex.LA 20171208
TrendMicro WORM_CRIDEX.NU 20171208
TrendMicro-HouseCall WORM_CRIDEX.NU 20171208
VBA32 Worm.Cridex 20171207
VIPRE Worm.Win32.Cridex.ac (v) 20171208
Webroot W32.Malware.Gen 20171208
Yandex Trojan.Kazy!7mHNeHPi/Ck 20171208
ZoneAlarm by Check Point Worm.Win32.Cridex.pox 20171208
Zoner I-Worm.Cridex.AA 20171208
Ad-Aware 20171208
Alibaba 20171208
Avast-Mobile 20171208
Bkav 20171207
CMC 20171208
CrowdStrike Falcon (ML) 20171016
Cybereason None
eGambit 20171208
Endgame 20171130
nProtect 20171208
Palo Alto Networks (Known Signatures) 20171208
SentinelOne (Static ML) 20171207
SUPERAntiSpyware 20171208
Symantec Mobile Insight 20171207
Trustlook 20171208
ViRobot 20171208
WhiteArmor 20171204
Zillya 20171207
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files 1
Uncompressed size 167936
Highest datetime 2014-01-16 21:28:40
Lowest datetime 2014-01-16 21:28:40
Contained files by extension
exe 1
Contained files by type
Portable Executable 1
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x42a77123
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 167936
ZipCompressedSize 108041
FileTypeExtension zip
ZipFileName Kunden_Kreditvertrag_ID_00299487366292974_Monat_Januar_2014_FinanzGruppe_Volksbanken_Raiffeisenbanken.exe
ZipBitFlag 0
ZipModifyDate 2014:01:16 21:28:20
Compressed bundles
File identification
MD5 a09dd5c454693a0cc9d877dff371b9fc
SHA1 de06a520ddfbeb972c29dac995422c7e91b00424
SHA256 745a29734e00f669d4b90b1197dad7b7f7e1781ba2e910b78430f5f643ee8e00
ssdeep 3072:9GiToxIkMLjXDuHtO22eTAyeOkQOMJJlmCiUalNmG5:8QgqjTuHv5AydkQOMJTqUal/
File size 105.8 KB ( 108349 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (100.0%)
Tags contains-pe zip
VirusTotal metadata
First submission 2014-01-16 20:17:25 UTC ( 3 years, 10 months ago )
Last submission 2017-12-08 10:13:41 UTC ( 3 days, 5 hours ago )
File names aa
file-6483770_zip
DE06A520DDFBEB972C29DAC995422C7E91B00424.apk
xZTsb.ocx
Kunden_Kreditvertrag_ID_002994873662929741.zip
Kunden_Kreditvertrag_ID_00299487366292974(1).zip
19533959
SX1X2Lh.gz
output.19533959.txt
2773f3c8d4e6116ff171b372364b170dc86d4dea
Kunden_Kreditvertrag_ID_00299487366292974.zip
19533000
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight