× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8b4474c158ba807b261ca28028ffe8549084577f9f02f9a8c757e03995c18d19
File name: 0729.exe
Detection ratio: 18 / 67
Analysis date: 2018-03-28 09:04:40 UTC ( 10 months, 4 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180328
AVG FileRepMalware 20180328
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180328
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cybereason malicious.ec79a2 20180225
Cylance Unsafe 20180328
eGambit Unsafe.AI_Score_100% 20180328
Endgame malicious (high confidence) 20180316
Fortinet W32/GenKryptik.BPZH!tr 20180328
Sophos ML heuristic 20180121
Malwarebytes Trojan.Emotet 20180328
Microsoft Trojan:Win32/Azden.B!cl 20180328
Palo Alto Networks (Known Signatures) generic.ml 20180328
Qihoo-360 HEUR/QVM19.1.1F0B.Malware.Gen 20180328
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180328
Symantec ML.Attribute.HighConfidence 20180328
WhiteArmor Malware.HighConfidence 20180324
Ad-Aware 20180328
AegisLab 20180328
AhnLab-V3 20180328
Alibaba 20180328
ALYac 20180328
Antiy-AVL 20180327
Arcabit 20180328
Avast-Mobile 20180327
Avira (no cloud) 20180328
AVware 20180328
BitDefender 20180328
Bkav 20180327
CAT-QuickHeal 20180327
ClamAV 20180328
CMC 20180327
Comodo 20180328
Cyren 20180328
DrWeb 20180328
Emsisoft 20180328
ESET-NOD32 20180328
F-Prot 20180328
F-Secure 20180328
GData 20180328
Ikarus 20180328
Jiangmin 20180328
K7AntiVirus 20180328
K7GW 20180328
Kaspersky 20180328
Kingsoft 20180328
MAX 20180328
McAfee 20180328
McAfee-GW-Edition 20180328
eScan 20180328
NANO-Antivirus 20180328
nProtect 20180328
Panda 20180327
Rising 20180328
SUPERAntiSpyware 20180328
Symantec Mobile Insight 20180311
Tencent 20180328
TheHacker 20180327
TotalDefense 20180328
TrendMicro 20180328
TrendMicro-HouseCall 20180328
Trustlook 20180328
VBA32 20180327
VIPRE 20180328
ViRobot 20180328
Yandex 20180328
Zillya 20180328
ZoneAlarm by Check Point 20180328
Zoner 20180327
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product cyrus-sasl
File version 2.1.24
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Entry Point 0x000016B0
Number of sections 5
PE sections
PE imports
GetPrivateProfileSectionNamesA
GetThreadPriority
SetUserGeoID
SetHandleCount
IsValidCodePage
GetLastError
GetNumberOfConsoleInputEvents
FlsFree
VkKeyScanA
RemoveMenu
Ord(29)
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
1

LinkerVersion
0.2

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.1.24.0

LanguageCode
Process default

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit, System file

CharacterSet
Windows, Latin1

InitializedDataSize
57344

EntryPoint
0x16b0

MIMEType
application/octet-stream

FileVersion
2.1.24

TimeStamp
0000:00:00 00:00:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
2.1.24

SubsystemVersion
5.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
199347179

ProductName
cyrus-sasl

ProductVersionNumber
2.1.24.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 395c3772b85b1992f3d90ae42f749d46
SHA1 ac68690ec79a2e6565836e2169f50b921aa93cd8
SHA256 8b4474c158ba807b261ca28028ffe8549084577f9f02f9a8c757e03995c18d19
ssdeep
1536:X5V4vsE8GJNm+qkQoRd7lD8lOSCUHBvsuokUb:j4imNukJdZiO+hM

authentihash 249d8c6ce604e378c6293e0a89b45c7d9bed2ccc1998967044ff9dcd2d5e6ab3
imphash 8fa566af20bed8f67ecf7168e02284e9
File size 107.5 KB ( 110080 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-03-28 09:04:40 UTC ( 10 months, 4 weeks ago )
Last submission 2018-05-08 03:55:25 UTC ( 9 months, 2 weeks ago )
File names 6044.exe
6307.exe
output.113062869.txt
0729.exe
1856.exe
(2)
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!