× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7cc294385acb623e365a96c360f4d2693b967265b1652b49c7e0424e4f9c5774
File name: EVACopy-v7.2.zip
Detection ratio: 5 / 53
Analysis date: 2014-11-16 12:54:15 UTC ( 2 years, 9 months ago ) View latest
Antivirus Result Update
CMC Trojan.Win32.Generic!O 20141114
F-Prot W32/AutoIt.CR.gen!Eldorado 20141116
Jiangmin Backdoor/Bifrose.bxc 20141115
Symantec WS.Reputation.1 20141116
ViRobot JS.A.Iframe.660699 20141115
Ad-Aware 20141116
AegisLab 20141116
Yandex 20141115
AhnLab-V3 20141116
Antiy-AVL 20141116
Avast 20141116
AVG 20141116
Avira (no cloud) 20141116
AVware 20141116
Baidu-International 20141107
BitDefender 20141116
Bkav 20141115
ByteHero 20141116
CAT-QuickHeal 20141114
ClamAV 20141116
Comodo 20141116
Cyren 20141116
DrWeb 20141116
Emsisoft 20141116
ESET-NOD32 20141116
F-Secure 20141116
Fortinet 20141116
GData 20141116
Ikarus 20141116
K7AntiVirus 20141114
K7GW 20141115
Kaspersky 20141116
Kingsoft 20141116
Malwarebytes 20141116
McAfee 20141116
McAfee-GW-Edition 20141116
Microsoft 20141116
eScan 20141116
NANO-Antivirus 20141116
Norman 20141116
nProtect 20141114
Panda 20141116
Qihoo-360 20141116
Rising 20141115
Sophos AV 20141116
SUPERAntiSpyware 20141115
Tencent 20141116
TheHacker 20141115
TotalDefense 20141115
TrendMicro 20141116
VBA32 20141114
Zillya 20141115
Zoner 20141112
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
11
Uncompressed size
4781418
Highest datetime
2014-11-16 12:28:40
Lowest datetime
2011-06-08 02:01:32
Contained files by extension
exe
7
pdf
3
txt
1
Contained files by type
Portable Executable
7
PDF
3
unknown
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xf1ab3681

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
290081

ZipCompressedSize
284218

FileTypeExtension
zip

ZipFileName
EVAConfBase.exe

ZipBitFlag
0

ZipModifyDate
2014:11:13 13:20:18

File identification
MD5 c59c12b61792565ded8bedffed90dbc0
SHA1 6cbb581ce3ecf41679fc865a00625f5ca7bd1a17
SHA256 7cc294385acb623e365a96c360f4d2693b967265b1652b49c7e0424e4f9c5774
ssdeep
98304:LYqQSkYqQSdSUyDBmJ3Tlu+0M5N6YvvOCy3AXWW:LCSkCSE7MJaMjLvvOcGW

File size 3.1 MB ( 3207312 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip upx

VirusTotal metadata
First submission 2014-11-16 12:54:15 UTC ( 2 years, 9 months ago )
Last submission 2017-08-05 06:34:40 UTC ( 2 weeks, 4 days ago )
File names EVACopy-v7.2.zip
C59C12B61792565DED8BEDFFED90DBC0.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!