× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 804857e651ff0cf98ebe749466896bee92a87281db99f1775e87120383b50165
File name: 43056
Detection ratio: 0 / 54
Analysis date: 2016-02-09 20:12:11 UTC ( 3 years ago ) View latest
Antivirus Result Update
Ad-Aware 20160209
AegisLab 20160209
Yandex 20160209
AhnLab-V3 20160209
Alibaba 20160204
Antiy-AVL 20160209
Arcabit 20160209
Avast 20160209
AVG 20160209
Avira (no cloud) 20160209
Baidu-International 20160209
BitDefender 20160209
Bkav 20160204
ByteHero 20160209
CAT-QuickHeal 20160209
ClamAV 20160209
CMC 20160205
Comodo 20160209
Cyren 20160209
DrWeb 20160209
Emsisoft 20160209
ESET-NOD32 20160209
F-Prot 20160209
F-Secure 20160209
Fortinet 20160209
GData 20160209
Ikarus 20160209
Jiangmin 20160209
K7AntiVirus 20160209
K7GW 20160209
Kaspersky 20160209
Malwarebytes 20160209
McAfee 20160209
McAfee-GW-Edition 20160209
Microsoft 20160209
eScan 20160209
NANO-Antivirus 20160209
nProtect 20160205
Panda 20160208
Qihoo-360 20160209
Rising 20160209
Sophos AV 20160209
SUPERAntiSpyware 20160209
Symantec 20160209
Tencent 20160209
TheHacker 20160208
TotalDefense 20160209
TrendMicro 20160209
TrendMicro-HouseCall 20160209
VBA32 20160209
VIPRE 20160209
ViRobot 20160209
Zillya 20160209
Zoner 20160209
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
2420570
Highest datetime
2009-10-06 14:25:54
Lowest datetime
2009-10-06 14:25:54
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x55d01ee9

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
2420570

ZipCompressedSize
2396768

FileTypeExtension
zip

ZipFileName
setup.exe

ZipBitFlag
0x0002

ZipModifyDate
2009:10:06 14:25:54

Execution parents
File identification
MD5 dfe6e2ea2c199e9ca187e9853fb7c289
SHA1 dedf56dc5a59145eac8c1be91b8483bf24d00f47
SHA256 804857e651ff0cf98ebe749466896bee92a87281db99f1775e87120383b50165
ssdeep
49152:3XeJks5z7KeLsQMwD8qt5tKxnGNFHEB7KShJNhv5Yn2VdjLH:3Ox5/Lsjc8a3KgNFkFKUJNhBYnCJH

File size 2.3 MB ( 2396884 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe armadillo zip

VirusTotal metadata
First submission 2010-04-05 14:45:07 UTC ( 8 years, 10 months ago )
Last submission 2016-04-17 00:21:51 UTC ( 2 years, 10 months ago )
File names smsserver.zip
43056
1284014522-smsserver.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!