SHA256: 8e9f770ee5df2404134d9fbb1d478f0436b54c59947861b4226a46812c06a252
File name: 8e9f770ee5df2404134d9fbb1d478f0436b54c59947861b4226a46812c06a252
Detection ratio: 11 / 71
Analysis date: 2018-12-20 09:44:04 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Acronis malware 20180726
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181220
Endgame malicious (moderate confidence) 20181108
Sophos ML heuristic 20181128
Qihoo-360 HEUR/QVM19.1.FD3A.Malware.Gen 20181220
Rising Malware.Heuristic!ET#100% (RDM+:cmRtazriKeFV6mlK6t6aNVQmvjQX) 20181220
SentinelOne (Static ML) static engine - malicious 20181011
SUPERAntiSpyware Trojan.Agent/Gen-Falprod 20181220
Symantec ML.Attribute.HighConfidence 20181220
Trapmine suspicious.low.ml.score 20181205
Ad-Aware 20181220
AegisLab 20181220
AhnLab-V3 20181219
Alibaba 20180921
ALYac 20181220
Antiy-AVL 20181220
Arcabit 20181220
Avast 20181220
Avast-Mobile 20181220
AVG 20181220
Avira (no cloud) 20181220
Babable 20180918
Baidu 20181207
BitDefender 20181220
Bkav 20181219
CAT-QuickHeal 20181219
ClamAV 20181220
CMC 20181219
Comodo 20181220
Cybereason 20180225
Cyren 20181220
DrWeb 20181220
eGambit 20181220
Emsisoft 20181220
ESET-NOD32 20181220
F-Prot 20181220
F-Secure 20181220
Fortinet 20181220
GData 20181220
Ikarus 20181220
Jiangmin 20181220
K7AntiVirus 20181219
K7GW 20181219
Kaspersky 20181220
Kingsoft 20181220
Malwarebytes 20181219
MAX 20181220
McAfee 20181220
McAfee-GW-Edition 20181220
Microsoft 20181220
eScan 20181220
NANO-Antivirus 20181220
Palo Alto Networks (Known Signatures) 20181220
Panda 20181219
Sophos AV 20181220
Symantec Mobile Insight 20181215
TACHYON 20181220
Tencent 20181220
TheHacker 20181216
TotalDefense 20181219
TrendMicro 20181220
TrendMicro-HouseCall 20181220
Trustlook 20181220
VBA32 20181219
VIPRE 20181220
ViRobot 20181220
Webroot 20181220
Yandex 20181219
Zillya 20181219
ZoneAlarm by Check Point 20181220
Zoner 20181220
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-20 09:27:58
Entry Point 0x0000101E
Number of sections 6
PE sections
PE imports
DPtoLP
GetNamedPipeClientProcessId
FlushProcessWriteBuffers
FlsFree
GetProfileIntA
GetModuleHandleW
LZSeek
VarCyMul
PackDDElParam
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
SubsystemVersion 5.0
InitializedDataSize 27648
ImageVersion 0.0
ProductName Microsof
FileVersionNumber 5.20.3.0
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0000
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet ASCII
LinkerVersion 12.0
FileTypeExtension exe
MIMEType application/octet-stream
Subsystem Windows GUI
TimeStamp 2018:12:20 10:27:58+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 6.1.7600.163
FileDescription Bosnian (Cyri
OSVersion 5.0
FileOS Win32
LegalCopyright Copyright Stirling Technologies, 1993-1997
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporatio
CodeSize 561152
FileSubtype 0
ProductVersionNumber 5.20.3.0
EntryPoint 0x101e
ObjectFileType Dynamic link library

File identification
MD5 8aa45ec92fd705b2d90121b70a1d97d0
SHA1 0ae1d58d96d927323361dcb2ac958a6edb22b237
SHA256 8e9f770ee5df2404134d9fbb1d478f0436b54c59947861b4226a46812c06a252
ssdeep 3072:wcN7b2fGF1Hgonp4dsvzlFCTZO++S+did5bb7xr:w8yfGPH7n2svzlFAedid51
authentihash 0cccef79ab6b574de9d183cf756f149cf019fa0e8176bba9875f9e9dc3914cb5
imphash ef883ea1bf526cacbd9d4830be391353
File size 716.5 KB ( 733696 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-12-20 09:44:04 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-20 09:44:04 UTC ( 1 month, 4 weeks ago )