SHA256: 745a29734e00f669d4b90b1197dad7b7f7e1781ba2e910b78430f5f643ee8e00
File name: DE06A520DDFBEB972C29DAC995422C7E91B00424.apk
Detection ratio: 51 / 61
Analysis date: 2017-09-24 17:28:49 UTC ( 3 weeks, 6 days ago )
Antivirus Result Update
AegisLab W32.W.Cridex.pox!c 20170924
AhnLab-V3 Spyware/Win32.Zbot.R153506 20170923
ALYac Trojan.AgentWDCR.QD 20170924
Antiy-AVL Worm/Win32.Cridex 20170924
Arcabit Trojan.AgentWDCR.QD 20170924
Avast Win32:Cridex-AD [Trj] 20170924
AVG Win32:Cridex-AD [Trj] 20170924
Avira (no cloud) WORM/Cridex.E.562 20170923
AVware Worm.Win32.Cridex.ac (v) 20170923
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170922
BitDefender Trojan.AgentWDCR.QD 20170924
CAT-QuickHeal Worm.Cridex 20170923
Comodo UnclassifiedMalware 20170924
Cylance Unsafe 20170924
Cyren W32/Trojan.EHYM-2903 20170924
DrWeb Trojan.Necurs.97 20170924
Emsisoft Trojan.AgentWDCR.QD (B) 20170924
ESET-NOD32 Win32/Cridex.AA 20170924
F-Prot W32/Trojan2.OCUJ 20170924
F-Secure Trojan.AgentWDCR.QD 20170924
Fortinet W32/Kryptik.BSHF!tr 20170924
Ikarus Worm.Cridex 20170924
Sophos ML heuristic 20170914
Jiangmin Worm/Cridex.ht 20170924
K7AntiVirus Trojan ( 004939511 ) 20170924
K7GW Trojan ( 004939511 ) 20170924
Kaspersky Worm.Win32.Cridex.pox 20170924
Kingsoft VIRUS_UNKNOWN 20170924
Malwarebytes Spyware.Zbot 20170924
MAX malware (ai score=100) 20170924
McAfee Generic.sh 20170924
McAfee-GW-Edition Generic.sh 20170924
Microsoft Worm:Win32/Cridex.E 20170924
NANO-Antivirus Trojan.Win32.Cridex.ctibbt 20170924
Panda Generic Malware 20170924
Qihoo-360 Win32/Trojan.894 20170924
Rising Worm.Win32.Cridex.ai (CLASSIC) 20170924
Sophos AV Mal/Emotet-A 20170923
Symantec Trojan.Gen.7 20170923
Tencent Win32.Worm.Cridex.Lkxh 20170924
TheHacker Trojan/Cridex.aa 20170921
TotalDefense Win32/Cridex.LA 20170924
TrendMicro WORM_CRIDEX.NU 20170924
TrendMicro-HouseCall WORM_CRIDEX.NU 20170924
VBA32 Worm.Cridex 20170922
VIPRE Worm.Win32.Cridex.ac (v) 20170924
Webroot W32.Malware.Gen 20170924
Yandex Trojan.Kazy!7mHNeHPi/Ck 20170908
Zillya Worm.Cridex.Win32.365 20170922
ZoneAlarm by Check Point Worm.Win32.Cridex.pox 20170924
Zoner I-Worm.Cridex.AA 20170924
Ad-Aware 20170924
Alibaba 20170911
Avast-Mobile 20170923
ClamAV 20170924
CMC 20170920
CrowdStrike Falcon (ML) 20170804
Endgame 20170821
eScan 20170924
nProtect 20170924
Palo Alto Networks (Known Signatures) 20170924
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170924
Symantec Mobile Insight 20170922
Trustlook 20170924
ViRobot 20170924
WhiteArmor 20170829
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files 1
Uncompressed size 167936
Highest datetime 2014-01-16 21:28:40
Lowest datetime 2014-01-16 21:28:40
Contained files by extension
exe 1
Contained files by type
Portable Executable 1
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x42a77123
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 167936
ZipCompressedSize 108041
FileTypeExtension zip
ZipFileName Kunden_Kreditvertrag_ID_00299487366292974_Monat_Januar_2014_FinanzGruppe_Volksbanken_Raiffeisenbanken.exe
ZipBitFlag 0
ZipModifyDate 2014:01:16 21:28:20
Compressed bundles
File identification
MD5 a09dd5c454693a0cc9d877dff371b9fc
SHA1 de06a520ddfbeb972c29dac995422c7e91b00424
SHA256 745a29734e00f669d4b90b1197dad7b7f7e1781ba2e910b78430f5f643ee8e00
ssdeep 3072:9GiToxIkMLjXDuHtO22eTAyeOkQOMJJlmCiUalNmG5:8QgqjTuHv5AydkQOMJTqUal/

File size 105.8 KB ( 108349 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2014-01-16 20:17:25 UTC ( 3 years, 9 months ago )
Last submission 2017-09-24 17:28:49 UTC ( 3 weeks, 6 days ago )
File names aa
file-6483770_zip
DE06A520DDFBEB972C29DAC995422C7E91B00424.apk
xZTsb.ocx
Kunden_Kreditvertrag_ID_002994873662929741.zip
Kunden_Kreditvertrag_ID_00299487366292974(1).zip
19533959
SX1X2Lh.gz
output.19533959.txt
2773f3c8d4e6116ff171b372364b170dc86d4dea
Kunden_Kreditvertrag_ID_00299487366292974.zip
19533000
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight