× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7b5c9a9e581ea218758583bf4cafe11972384d16704621d9f274a77a00af19d4
File name: cOrF23
Detection ratio: 1 / 57
Analysis date: 2017-06-23 02:22:54 UTC ( 1 year, 6 months ago ) View latest
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9791 20170622
Ad-Aware 20170623
AegisLab 20170623
AhnLab-V3 20170622
Alibaba 20170622
ALYac 20170622
Antiy-AVL 20170622
Arcabit 20170623
Avast 20170622
AVG 20170622
Avira (no cloud) 20170623
AVware 20170622
BitDefender 20170622
Bkav 20170623
CAT-QuickHeal 20170622
ClamAV 20170622
CMC 20170619
Comodo 20170623
CrowdStrike Falcon (ML) 20170420
Cyren 20170622
DrWeb 20170623
Emsisoft 20170623
Endgame 20170615
ESET-NOD32 20170623
F-Prot 20170623
F-Secure 20170623
Fortinet 20170622
GData 20170622
Ikarus 20170622
Sophos ML 20170607
Jiangmin 20170622
K7AntiVirus 20170622
K7GW 20170623
Kaspersky 20170622
Kingsoft 20170623
Malwarebytes 20170623
McAfee 20170623
McAfee-GW-Edition 20170622
Microsoft 20170622
eScan 20170622
NANO-Antivirus 20170623
nProtect 20170623
Palo Alto Networks (Known Signatures) 20170623
Panda 20170622
Qihoo-360 20170623
Rising None
SentinelOne (Static ML) 20170516
Sophos AV 20170623
SUPERAntiSpyware 20170623
Symantec 20170622
Symantec Mobile Insight 20170621
Tencent 20170623
TheHacker 20170621
TotalDefense 20170622
TrendMicro 20170623
Trustlook 20170623
VBA32 20170622
VIPRE 20170622
ViRobot 20170622
Webroot 20170623
WhiteArmor 20170616
Yandex 20170622
Zillya 20170622
ZoneAlarm by Check Point 20170623
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
4
Uncompressed size
1093469
Highest datetime
2015-07-20 19:30:22
Lowest datetime
2015-05-13 22:32:36
Contained files by extension
txt
2
dll
1
exe
1
Contained files by type
unknown
2
Portable Executable
2
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xef18a2ba

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
2592

ZipCompressedSize
1131

FileTypeExtension
zip

ZipFileName
Mission Creator Readme.txt

ZipBitFlag
0

ZipModifyDate
2015:05:17 21:46:02

File identification
MD5 726935399f7ccadbe08c01b978f6521e
SHA1 fbcc59c520d9bad8dac7d17819fae051e0fd73cb
SHA256 7b5c9a9e581ea218758583bf4cafe11972384d16704621d9f274a77a00af19d4
ssdeep
12288:ZkrgzkY2BpQkOKSiYmflzmFnhrKnPRJ9GFl1pnO3l4z9lFU:6021Snhrgu/1I14Bl6

File size 448.7 KB ( 459515 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2015-07-21 00:01:16 UTC ( 3 years, 6 months ago )
Last submission 2017-09-20 21:00:12 UTC ( 1 year, 3 months ago )
File names truckingmissions.zip
eaf5ab-TruckingMissions.zip
cOrF23
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V1012.

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!