× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8af59ab72630f1702379a88f55816449903858bd025aaaa08be426c3a0679976
File name: ƒяεεβυzZ v1.О s2α sεηdεя βγ by empratoran@n.c.exe
Detection ratio: 1 / 47
Analysis date: 2013-09-08 06:23:39 UTC ( 5 years, 3 months ago ) View latest
Antivirus Result Update
VIPRE LooksLike.Win32.Malware!C (v) 20130908
Yandex 20130907
AhnLab-V3 20130907
AntiVir 20130907
Antiy-AVL 20130908
Avast 20130908
AVG 20130908
Baidu-International 20130907
BitDefender 20130908
ByteHero 20130903
CAT-QuickHeal 20130907
ClamAV 20130908
Commtouch 20130908
Comodo 20130908
DrWeb 20130908
Emsisoft 20130908
ESET-NOD32 20130908
F-Prot 20130908
F-Secure 20130908
Fortinet 20130908
GData 20130908
Ikarus 20130908
Jiangmin 20130903
K7AntiVirus 20130906
K7GW 20130906
Kaspersky 20130908
Kingsoft 20130829
Malwarebytes 20130908
McAfee 20130908
McAfee-GW-Edition 20130907
Microsoft 20130908
eScan 20130908
NANO-Antivirus 20130908
Norman 20130907
nProtect 20130906
Panda 20130907
PCTools 20130907
Rising 20130906
Sophos AV 20130908
SUPERAntiSpyware 20130907
Symantec 20130908
TheHacker 20130907
TotalDefense 20130906
TrendMicro 20130908
TrendMicro-HouseCall 20130908
VBA32 20130906
ViRobot 20130908
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
??????zZ v1.? s2? s??d?? ?? by empratoran@n.c ar,min@n.c

Publisher ??????zZ v1.? s2? s??d?? ?? by empratoran@n.c ar,min@n.c
Product ??????zZ v1.? s2? s??d?? ?? by empratoran@n.c ar,min@n.c
Version 1.0.0.0
Original name ??????zZ v1.? s2? s??d?? ?? by empratoran@n.c.exe
Internal name ??????zZ v1.? s2? s??d?? ?? by empratoran@n.c.exe
File version 1.0.0.0
Description ??????zZ v1.? s2? s??d?? ?? by empratoran@n.c ar,min@n.c
Comments empratoran@Nimbuzz.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-05-20 00:02:07
Entry Point 0x0002117E
Number of sections 3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
Compressed bundles
File identification
MD5 4b23b29995089761947f7ac5693d07cf
SHA1 42dee07c5a811475a51093054be6e5d11e5d3f43
SHA256 8af59ab72630f1702379a88f55816449903858bd025aaaa08be426c3a0679976
ssdeep
3072:Dvcre3d+H0Aqb2O0ALBUTHdWY6Cmep5VlIVn:DkGJAqb2BAOTdWY6CmepFI

File size 130.0 KB ( 133120 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2013-09-08 04:52:24 UTC ( 5 years, 3 months ago )
Last submission 2013-10-01 18:06:16 UTC ( 5 years, 2 months ago )
File names ƒяεεβυzZ v1.О s2α sεηdεя βγ by empratoran@n.c.exe
??????zZ v1.? s2? s??d?? ?? by empratoran@n.c.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!