× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 911d0a4f9d2229a01bdaec3a755d51f5bc171b39793ddf1b8b370a0fdd077174
File name: vop.exe
Detection ratio: 20 / 68
Analysis date: 2018-10-15 10:27:06 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.MSILKrypt.C2740643 20181015
Avast FileRepMalware 20181015
AVG FileRepMalware 20181015
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181015
Cyren W32/MSIL_Kryptik.BT.gen!Eldorado 20181015
ESET-NOD32 a variant of MSIL/Kryptik.PUS 20181015
F-Prot W32/MSIL_Kryptik.BT.gen!Eldorado 20181015
Fortinet MSIL/Kryptik.PUS!tr 20181015
Ikarus Trojan.MSIL.Crypt 20181015
Kaspersky HEUR:Trojan.Win32.Generic 20181015
Malwarebytes Trojan.PasswordStealer.MSIL 20181015
McAfee Packed-FMU!6304A7019E06 20181015
McAfee-GW-Edition BehavesLike.Win32.Generic.bh 20181015
Palo Alto Networks (Known Signatures) generic.ml 20181015
Qihoo-360 HEUR/QVM03.0.8A1B.Malware.Gen 20181015
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181015
Tencent Win32.Trojan.Inject.Auto 20181015
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181015
Ad-Aware 20181015
AegisLab 20181015
Alibaba 20180921
ALYac 20181015
Antiy-AVL 20181015
Arcabit 20181015
Avast-Mobile 20181015
Avira (no cloud) 20181015
Babable 20180918
Baidu 20181015
BitDefender 20181015
Bkav 20181014
CAT-QuickHeal 20181013
ClamAV 20181015
CMC 20181014
Comodo 20181015
Cybereason 20180225
DrWeb 20181015
eGambit 20181015
Emsisoft 20181015
Endgame 20180730
F-Secure 20181015
GData 20181015
Sophos ML 20180717
Jiangmin 20181015
K7AntiVirus 20181015
K7GW 20181015
Kingsoft 20181015
MAX 20181015
Microsoft 20181015
eScan 20181015
NANO-Antivirus 20181015
Panda 20181014
Rising 20181015
Sophos AV 20181015
SUPERAntiSpyware 20181015
Symantec Mobile Insight 20181001
TACHYON 20181015
TheHacker 20181011
TotalDefense 20181015
TrendMicro 20181015
TrendMicro-HouseCall 20181015
Trustlook 20181015
VBA32 20181015
VIPRE 20181014
ViRobot 20181015
Webroot 20181015
Yandex 20181012
Zillya 20181012
Zoner 20181014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Praxair Inc

Product Complete capacity lifecycle management for your virtual infrastructure
Original name vop.exe
Internal name vop.exe
File version 11.3.28.4
Description Complete capacity lifecycle management for your virtual infrastructure
Comments ugayexitotumiyasudiraw
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1989-04-13 15:07:03
Entry Point 0x000CA00A
Number of sections 5
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
ugayexitotumiyasudiraw

InitializedDataSize
109056

ImageVersion
0.0

ProductName
Complete capacity lifecycle management for your virtual infrastructure

FileVersionNumber
11.3.28.4

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
vop.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
11.3.28.4

TimeStamp
1989:04:13 16:07:03+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
vop.exe

ProductVersion
11.3.28.4

FileDescription
Complete capacity lifecycle management for your virtual infrastructure

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2018 Praxair Inc

MachineType
Intel 386 or later, and compatibles

CompanyName
Praxair Inc

CodeSize
696320

FileSubtype
0

ProductVersionNumber
11.3.28.4

EntryPoint
0xca00a

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

Execution parents
File identification
MD5 6304a7019e06c2e58461d7821c7c205b
SHA1 e192903f400622bb0d38cc743f6f65e0b469acf3
SHA256 911d0a4f9d2229a01bdaec3a755d51f5bc171b39793ddf1b8b370a0fdd077174
ssdeep
12288:xhAewYVLIKBe4nvrCgfhEnbNa4M6IIJzBR:BLDBHzCgfGnpTMvIJz7

authentihash beaaab8beafbf426a5e07ef35baf1c733e23828d525f216ad6ab82129c20618d
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 787.5 KB ( 806400 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable (generic) (59.0%)
Win32 Dynamic Link Library (generic) (14.0%)
Win32 Executable (generic) (9.6%)
Win16/32 Executable Delphi generic (4.4%)
OS/2 Executable (generic) (4.3%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-10-15 10:27:06 UTC ( 7 months, 1 week ago )
Last submission 2018-10-15 10:27:06 UTC ( 7 months, 1 week ago )
File names <SAMPLE.EXE>
vop.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!