SHA256: 745a29734e00f669d4b90b1197dad7b7f7e1781ba2e910b78430f5f643ee8e00
File name: DE06A520DDFBEB972C29DAC995422C7E91B00424.apk
Detection ratio: 51 / 62
Analysis date: 2017-07-18 13:58:48 UTC ( 4 weeks, 1 day ago )
Antivirus Result Update
AegisLab W32.W.Cridex.pox!c 20170718
AhnLab-V3 Spyware/Win32.Zbot.R153506 20170718
ALYac Trojan.AgentWDCR.QD 20170718
Antiy-AVL Worm/Win32.Cridex 20170718
Arcabit Trojan.AgentWDCR.QD 20170718
Avast Win32:Cridex-AD [Trj] 20170718
AVG Win32:Cridex-AD [Trj] 20170718
Avira (no cloud) WORM/Cridex.E.562 20170718
AVware Worm.Win32.Cridex.ac (v) 20170718
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170718
BitDefender Trojan.AgentWDCR.QD 20170718
CAT-QuickHeal Worm.Cridex 20170718
Comodo UnclassifiedMalware 20170718
Cylance Unsafe 20170718
Cyren W32/Trojan.EHYM-2903 20170718
DrWeb Trojan.Necurs.97 20170718
Emsisoft Trojan.AgentWDCR.QD (B) 20170718
ESET-NOD32 Win32/Cridex.AA 20170718
F-Prot W32/Trojan2.OCUJ 20170718
F-Secure Trojan.AgentWDCR.QD 20170718
Fortinet W32/Kryptik.BSHF!tr 20170718
GData Trojan.AgentWDCR.QD 20170718
Ikarus Worm.Cridex 20170718
Sophos ML heuristic 20170607
Jiangmin Worm/Cridex.ht 20170718
K7AntiVirus Trojan ( 004939511 ) 20170718
K7GW Trojan ( 004939511 ) 20170718
Kaspersky Worm.Win32.Cridex.pox 20170718
Malwarebytes Spyware.Zbot 20170718
MAX malware (ai score=86) 20170718
McAfee Generic.sh 20170718
McAfee-GW-Edition Generic.sh 20170718
Microsoft Worm:Win32/Cridex.E 20170718
NANO-Antivirus Trojan.Win32.Cridex.ctibbt 20170718
Panda Trj/WLT.A 20170718
Qihoo-360 Win32/Trojan.894 20170718
Rising Worm.Win32.Cridex.ai (classic) 20170718
Sophos AV Mal/Emotet-A 20170718
Symantec SecurityRisk.gen1 20170718
Tencent Win32.Worm.Cridex.Lkxh 20170718
TheHacker Trojan/Cridex.aa 20170717
TotalDefense Win32/Cridex.LA 20170718
TrendMicro WORM_CRIDEX.NU 20170718
TrendMicro-HouseCall WORM_CRIDEX.NU 20170718
VBA32 Worm.Cridex 20170718
VIPRE Worm.Win32.Cridex.ac (v) 20170718
Webroot W32.Malware.Gen 20170718
Yandex Trojan.Kazy!7mHNeHPi/Ck 20170717
Zillya Worm.Cridex.Win32.365 20170717
ZoneAlarm by Check Point Worm.Win32.Cridex.pox 20170718
Zoner I-Worm.Cridex.AA 20170718
Ad-Aware 20170718
Alibaba 20170718
Bkav 20170718
ClamAV 20170718
CMC 20170718
CrowdStrike Falcon (ML) 20170710
Endgame 20170713
Kingsoft 20170718
eScan 20170718
nProtect 20170718
Palo Alto Networks (Known Signatures) 20170718
SentinelOne (Static ML) 20170718
SUPERAntiSpyware 20170718
Symantec Mobile Insight 20170718
Trustlook 20170718
ViRobot 20170718
WhiteArmor 20170713
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 1
Uncompressed size: 167936
Highest datetime: 2014-01-16 21:28:40
Lowest datetime: 2014-01-16 21:28:40
Contained files by extension
exe: 1
Contained files by type
Portable Executable: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0x42a77123
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 167936
ZipCompressedSize: 108041
FileTypeExtension: zip
ZipFileName: Kunden_Kreditvertrag_ID_00299487366292974_Monat_Januar_2014_FinanzGruppe_Volksbanken_Raiffeisenbanken.exe
ZipBitFlag: 0
ZipModifyDate: 2014:01:16 21:28:20

Compressed bundles
File identification
MD5 a09dd5c454693a0cc9d877dff371b9fc
SHA1 de06a520ddfbeb972c29dac995422c7e91b00424
SHA256 745a29734e00f669d4b90b1197dad7b7f7e1781ba2e910b78430f5f643ee8e00
ssdeep 3072:9GiToxIkMLjXDuHtO22eTAyeOkQOMJJlmCiUalNmG5:8QgqjTuHv5AydkQOMJTqUal/

File size 105.8 KB ( 108349 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2014-01-16 20:17:25 UTC ( 3 years, 7 months ago )
Last submission 2017-07-18 13:58:48 UTC ( 4 weeks, 1 day ago )
File names
aa
file-6483770_zip
DE06A520DDFBEB972C29DAC995422C7E91B00424.apk
xZTsb.ocx
Kunden_Kreditvertrag_ID_002994873662929741.zip
Kunden_Kreditvertrag_ID_00299487366292974(1).zip
19533959
SX1X2Lh.gz
output.19533959.txt
2773f3c8d4e6116ff171b372364b170dc86d4dea
Kunden_Kreditvertrag_ID_00299487366292974.zip
19533000
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight