SHA256: 9176a4a25eef5638b284c5a7c6b5206489436f7c21c40488504de11147307c48
File name: Kovter_2015-07-02.zip
Detection ratio: 1 / 56
Analysis date: 2015-08-19 18:51:17 UTC ( 3 years, 1 month ago )
Antivirus Result Update
NANO-Antivirus Trojan.Win32.DownLoader14.dtmbva 20150819
Ad-Aware 20150819
AegisLab 20150819
Yandex 20150819
AhnLab-V3 20150819
Alibaba 20150819
ALYac 20150819
Antiy-AVL 20150819
Arcabit 20150819
Avast 20150819
AVG 20150819
Avira (no cloud) 20150819
AVware 20150819
Baidu-International 20150819
BitDefender 20150819
Bkav 20150819
ByteHero 20150819
CAT-QuickHeal 20150819
ClamAV 20150819
CMC 20150819
Comodo 20150819
Cyren 20150819
DrWeb 20150819
Emsisoft 20150819
ESET-NOD32 20150819
F-Prot 20150819
F-Secure 20150819
Fortinet 20150819
GData 20150819
Ikarus 20150819
Jiangmin 20150818
K7AntiVirus 20150819
K7GW 20150819
Kaspersky 20150819
Kingsoft 20150819
Malwarebytes 20150819
McAfee 20150819
McAfee-GW-Edition 20150819
Microsoft 20150819
eScan 20150819
nProtect 20150819
Panda 20150819
Qihoo-360 20150819
Rising 20150817
Sophos AV 20150819
SUPERAntiSpyware 20150818
Symantec 20150819
Tencent 20150819
TheHacker 20150818
TrendMicro 20150819
TrendMicro-HouseCall 20150819
VBA32 20150819
VIPRE 20150819
ViRobot 20150819
Zillya 20150819
Zoner 20150819
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
This compressed bundle is encrypted. The encryption password is "infected".
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 3
Uncompressed size: 1560727
Highest datetime: 2015-07-02 10:52:34
Lowest datetime: 2015-07-02 05:52:34
Contained files by extension
kaf: 3
Contained files by type
Portable Executable: 3
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0x2b8c2e21
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 520247
ZipCompressedSize: 321954
FileTypeExtension: zip
ZipFileName: 6ca41538ae9c25b259e6fcfce565b89b_976b00382cbb63c03e8fcd6677e4f973_Kovter.kaf
ZipBitFlag: 0x0001
ZipModifyDate: 2015:07:02 10:02:17

File identification
MD5 130298178196baabd76683911f8f181b
SHA1 c41a70675ca4b0b97ebcd4c28c3236db98ebc5c2
SHA256 9176a4a25eef5638b284c5a7c6b5206489436f7c21c40488504de11147307c48
ssdeep 24576:+jCj6mXZRXnS+/bC0JNArgpytTwBCQLPOLwxt4sK/:+jCHp//NJCrgABiCQLPWwI7
File size 944.0 KB ( 966657 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (100.0%)
Tags encrypted contains-pe zip

VirusTotal metadata
First submission 2015-08-17 19:07:32 UTC ( 3 years, 1 month ago )
Last submission 2015-08-19 18:51:17 UTC ( 3 years, 1 month ago )
File names Kovter_2015-07-02.zip