× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7c9479de019d3eaa715088f3422178d74554f7680c19792fc39cec98a16efa3c
File name: output.113270949.txt
Detection ratio: 10 / 67
Analysis date: 2018-05-10 23:05:34 UTC ( 9 months, 2 weeks ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9886 20180510
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180418
Cylance Unsafe 20180511
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of MSIL/Kryptik.NJJ 20180510
Fortinet MSIL/Kryptik.NOE!tr 20180510
Sophos ML heuristic 20180504
McAfee-GW-Edition BehavesLike.Win32.Trojan.gc 20180510
Qihoo-360 HEUR/QVM03.0.144D.Malware.Gen 20180511
SentinelOne (Static ML) static engine - malicious 20180225
Ad-Aware 20180510
AegisLab 20180510
AhnLab-V3 20180510
Alibaba 20180510
ALYac 20180510
Antiy-AVL 20180510
Arcabit 20180510
Avast 20180510
Avast-Mobile 20180510
AVG 20180510
Avira (no cloud) 20180510
AVware 20180428
Babable 20180406
BitDefender 20180510
Bkav 20180510
CAT-QuickHeal 20180510
ClamAV 20180510
CMC 20180510
Comodo 20180510
Cybereason None
Cyren 20180510
DrWeb 20180510
eGambit 20180511
Emsisoft 20180510
F-Prot 20180510
F-Secure 20180510
GData 20180511
Ikarus 20180509
Jiangmin 20180510
K7AntiVirus 20180510
K7GW 20180510
Kaspersky 20180510
Kingsoft 20180511
Malwarebytes 20180511
MAX 20180511
McAfee 20180510
Microsoft 20180511
eScan 20180510
NANO-Antivirus 20180510
nProtect 20180510
Palo Alto Networks (Known Signatures) 20180511
Panda 20180510
Rising 20180510
Sophos AV 20180510
SUPERAntiSpyware 20180510
Symantec 20180510
Symantec Mobile Insight 20180509
Tencent 20180511
TheHacker 20180509
TotalDefense 20180511
TrendMicro 20180510
TrendMicro-HouseCall 20180510
Trustlook 20180511
VBA32 20180510
VIPRE 20180510
ViRobot 20180510
Webroot 20180511
Yandex 20180508
Zillya 20180510
ZoneAlarm by Check Point 20180510
Zoner 20180511
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 The Men's Wearhouse Inc.

Product Gain valuable security insights into Exchange and Exchange Online
Original name 1.exe
Internal name 1.exe
File version 9.5.27.3
Description Gain valuable security insights into Exchange and Exchange Online
Comments 01kbgtl50sb
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-01 02:28:19
Entry Point 0x0007978E
Number of sections 3
.NET details
Module Version ID 1233e16e-d947-4648-a60e-c15965760d85
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
FileDescription
Gain valuable security insights into Exchange and Exchange Online

Comments
01kbgtl50sb

LinkerVersion
8.0

ImageVersion
0.0

ProductName
Gain valuable security insights into Exchange and Exchange Online

FileVersionNumber
9.5.27.3

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
2560

FileTypeExtension
exe

OriginalFileName
1.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
9.5.27.3

TimeStamp
2017:08:01 04:28:19+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
1.exe

SubsystemVersion
4.0

ProductVersion
9.5.27.3

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2018 The Men's Wearhouse Inc.

MachineType
Intel 386 or later, and compatibles

CompanyName
The Men's Wearhouse Inc.

CodeSize
489472

FileSubtype
0

ProductVersionNumber
9.5.27.3

EntryPoint
0x7978e

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 25131e02482e537ff7f6550b131b1801
SHA1 cba2d6ad1673e564b22a46f179375e53333f92cd
SHA256 7c9479de019d3eaa715088f3422178d74554f7680c19792fc39cec98a16efa3c
ssdeep
12288:YUwHFL4QLh3UknPPhIvPoAxQCy+9Xua3tKWv:1HQLh3TYPoAU+953r

authentihash 5716cd5bcc9600d349f1b7d7eff4e340bae49ee7ed9f1a0d94e50bf56e669efe
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 481.0 KB ( 492544 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-05-10 23:05:34 UTC ( 9 months, 2 weeks ago )
Last submission 2018-05-10 23:05:34 UTC ( 9 months, 2 weeks ago )
File names 1.exe
output.113270949.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!