× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 74999459d919acdde70bd4248c068c42eba4475216b74780dc886ab2ebbfd634
File name: shutdownwin.zip
Detection ratio: 4 / 62
Analysis date: 2018-05-20 07:50:06 UTC ( 6 months ago ) View latest
Antivirus Result Update
Cylance Unsafe 20180520
Ikarus Trojan-Downloader.Win32.Karagany 20180519
Jiangmin TrojanDropper.Dinwod.vg 20180520
VBA32 BScope.Trojan.Agent 20180518
Ad-Aware 20180520
AegisLab 20180520
AhnLab-V3 20180519
Alibaba 20180518
ALYac 20180520
Antiy-AVL 20180520
Arcabit 20180520
Avast 20180520
Avast-Mobile 20180519
AVG 20180520
Avira (no cloud) 20180520
AVware 20180520
Babable 20180406
Baidu 20180518
BitDefender 20180520
Bkav 20180518
CAT-QuickHeal 20180519
ClamAV 20180520
CMC 20180520
Comodo 20180520
CrowdStrike Falcon (ML) 20180418
Cybereason None
Cyren 20180520
DrWeb 20180520
eGambit 20180520
Emsisoft 20180520
Endgame 20180507
ESET-NOD32 20180520
F-Prot 20180520
F-Secure 20180520
Fortinet 20180520
GData 20180520
Sophos ML 20180503
K7AntiVirus 20180520
K7GW 20180520
Kaspersky 20180520
Kingsoft 20180520
Malwarebytes 20180520
MAX 20180520
McAfee 20180520
McAfee-GW-Edition 20180520
Microsoft 20180520
eScan 20180520
NANO-Antivirus 20180520
nProtect 20180520
Palo Alto Networks (Known Signatures) 20180520
Panda 20180520
Qihoo-360 20180520
Rising 20180520
SentinelOne (Static ML) 20180225
Sophos AV 20180520
SUPERAntiSpyware 20180520
Symantec 20180519
Symantec Mobile Insight 20180518
Tencent 20180520
TheHacker 20180516
TotalDefense 20180520
TrendMicro 20180520
TrendMicro-HouseCall 20180520
Trustlook 20180520
VIPRE 20180520
ViRobot 20180519
Webroot 20180520
Yandex 20180518
Zillya 20180519
ZoneAlarm by Check Point 20180520
Zoner 20180519
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
5
Uncompressed size
48286
Highest datetime
2014-09-20 18:07:50
Lowest datetime
2014-09-18 14:05:56
Contained files by extension
res
1
dpr
1
txt
1
pas
1
exe
1
Contained files by type
unknown
4
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x7bf33326

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
711

ZipCompressedSize
427

FileTypeExtension
zip

ZipFileName
Readme.txt

ZipBitFlag
0

ZipModifyDate
2014:09:18 14:05:56

File identification
MD5 7984d9547d4888eb0e77ae6e51b755b5
SHA1 6b0cfe1dbafe905c240d4584cc8a6f05a9a69f27
SHA256 74999459d919acdde70bd4248c068c42eba4475216b74780dc886ab2ebbfd634
ssdeep
384:EGd/y9xm4ktPKw9GSNjGiZKdamylxFV+NJXewYE9ruFjCTWB+KG/L:EIJGFiZXFFOEzP0TBf/L

File size 23.8 KB ( 24381 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2015-01-26 04:33:22 UTC ( 3 years, 9 months ago )
Last submission 2018-05-27 00:24:04 UTC ( 5 months, 4 weeks ago )
File names shutdownwin.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!