× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7681f4cb4dc87307702b3eb6e84ad22420dad686850ee23edb339625825352d4
File name: hqjz.exe
Detection ratio: 3 / 61
Analysis date: 2017-05-16 14:04:38 UTC ( 1 year, 11 months ago ) View latest
Antivirus Result Update
Kaspersky UDS:DangerousObject.Multi.Generic 20170516
Webroot W32.Trojan.Gen 20170516
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20170516
Ad-Aware 20170516
AegisLab 20170516
AhnLab-V3 20170516
Alibaba 20170516
ALYac 20170516
Antiy-AVL 20170516
Arcabit 20170516
Avast 20170516
AVG 20170516
Avira (no cloud) 20170516
AVware 20170516
Baidu 20170503
BitDefender 20170516
Bkav 20170516
CAT-QuickHeal 20170516
ClamAV 20170515
CMC 20170516
Comodo 20170516
CrowdStrike Falcon (ML) 20170130
Cyren 20170516
DrWeb 20170516
Emsisoft 20170516
Endgame 20170515
ESET-NOD32 20170516
F-Prot 20170516
F-Secure 20170516
Fortinet 20170516
GData 20170516
Ikarus 20170516
Sophos ML 20170413
Jiangmin 20170516
K7AntiVirus 20170516
K7GW 20170516
Kingsoft 20170516
Malwarebytes 20170516
McAfee 20170516
McAfee-GW-Edition 20170515
Microsoft 20170516
eScan 20170516
NANO-Antivirus 20170516
nProtect 20170516
Palo Alto Networks (Known Signatures) 20170516
Panda 20170515
Qihoo-360 20170516
Rising 20170515
SentinelOne (Static ML) 20170516
Sophos AV 20170516
SUPERAntiSpyware 20170516
Symantec 20170516
Symantec Mobile Insight 20170516
Tencent 20170516
TheHacker 20170514
TrendMicro 20170516
TrendMicro-HouseCall 20170516
Trustlook 20170516
VBA32 20170516
VIPRE 20170516
ViRobot 20170516
WhiteArmor 20170512
Yandex 20170515
Zillya 20170516
Zoner 20170516
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2017

Product KJAHSDKJAHJKD
Original name JKASHJDKAHJDKAHKDJ.exe
Internal name JKASHJDKAHJDKAHKDJ.exe
File version 1.0.0.0
Description KJAHSDKJAHJKD
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-05-16 10:48:48
Entry Point 0x000027FE
Number of sections 3
.NET details
Module Version ID 488d5f06-0b6d-4f7c-8d02-57f1738dc7aa
TypeLib ID c9a18883-2a41-45ce-a0da-ff3811aefcc1
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
KJAHSDKJAHJKD

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
1536

EntryPoint
0x27fe

OriginalFileName
JKASHJDKAHJDKAHKDJ.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2017

FileVersion
1.0.0.0

TimeStamp
2017:05:16 11:48:48+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
JKASHJDKAHJDKAHKDJ.exe

ProductVersion
1.0.0.0

SubsystemVersion
6.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
2560

ProductName
KJAHSDKJAHJKD

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 fb9130c27c87b91cbfa8b33e1d87a14f
SHA1 f2cd953eefb995184497c944e84a1b134efd85da
SHA256 7681f4cb4dc87307702b3eb6e84ad22420dad686850ee23edb339625825352d4
ssdeep
48:6jn8Qus0OfE7m435MJqV6iBelScwqxUnXK1AQlLFafFgMF:ihHfQn+ScwqaXOVzafF

authentihash 57a02230cfbddbbd901d2c9fcc57a684782e2c9a5a56bc7dfbb4d985d0014932
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 4.5 KB ( 4608 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-05-16 14:04:38 UTC ( 1 year, 11 months ago )
Last submission 2018-08-22 16:41:42 UTC ( 8 months ago )
File names ejf.exe
vha.exe
gexeuhsb.exe
vkm.exeorg
vpt.exe
JKASHJDKAHJDKAHKDJ.exe
zpa.exe
pwcawjcgp.exe
ikeourc.exe
gkp.exe
hqjz.exe
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!