Antivirus scan for 935f37f7c9d9ad5f045b74e334cae585108d8d2fb6f3b34747e763a1126cf7e4 at 2016-05-16 04:41:24 UTC

Antivirus	Result	Update
Ad-Aware	JS:Trojan.JS.Downloader.EF	20160516
ALYac	JS:Trojan.JS.Downloader.EF	20160516
Antiy-AVL	Trojan/Generic.ASHS.28	20160516
Arcabit	JS:Trojan.JS.Downloader.EF	20160516
Avast	JS:Agent-DUD [Trj]	20160516
AVG	JS/Downloader.Agent	20160516
Avira (no cloud)	HEUR/Suspar.Gen	20160515
AVware	Trojan-Downloader.JS.Nemucod.h (v)	20160511
Baidu	JS.Trojan.Nemucod.bl	20160513
BitDefender	JS:Trojan.JS.Downloader.EF	20160516
CAT-QuickHeal	JS.Downloader.JD	20160516
ClamAV	Win.Malware.Locky-10781	20160516
Cyren	JS/Agent.TU.gen	20160516
DrWeb	JS.DownLoader.1005	20160516
Emsisoft	JS:Trojan.JS.Downloader.EF (B)	20160516
ESET-NOD32	JS/TrojanDownloader.Nemucod.VS	20160516
F-Prot	JS/Agent.TU!Eldorado	20160516
F-Secure	Trojan-Downloader:JS/TeslaCrypt.D	20160516
Fortinet	JS/Agent.NE!tr	20160516
GData	JS:Trojan.JS.Downloader.EF	20160516
Ikarus	Trojan-Ransom.Script.TeslaCrypt	20160515
K7AntiVirus	Trojan ( 004dfe6d1 )	20160515
K7GW	Trojan ( 004dfe6d1 )	20160516
Kaspersky	Trojan-Downloader.JS.Cryptoload.jn	20160516
McAfee	JS/Nemucod.dy	20160516
McAfee-GW-Edition	JS/Nemucod.dy	20160516
Microsoft	TrojanDownloader:JS/Nemucod.EH	20160516
eScan	JS:Trojan.JS.Downloader.EF	20160516
NANO-Antivirus	Trojan.Script.Nemucod.ebdeba	20160516
nProtect	JS:Trojan.JS.Downloader.EF	20160513
Rising	Trojan.Locky/Pack!1.A4AE	20160516
Sophos AV	Mal/DrodZp-A	20160516
Tencent	Js.Trojan.Raas.Auto	20160516
TrendMicro	JS_NEMUCOD.SMVZ	20160516
VBA32	Trojan-Downloader.JS.Cryptoload.ji	20160513
VIPRE	Trojan-Downloader.JS.Nemucod.h (v)	20160516
ViRobot	JS.S.Downloader.4584.E[h]	20160515
AegisLab		20160515
AhnLab-V3		20160515
Alibaba		20160516
Baidu-International		20160515
Bkav		20160514
CMC		20160510
Comodo		20160515
Jiangmin		20160516
Kingsoft		20160516
Malwarebytes		20160515
Panda		20160515
Qihoo-360		20160516
SUPERAntiSpyware		20160516
Symantec		20160516
TheHacker		20160516
TotalDefense		20160516
TrendMicro-HouseCall		20160516
Yandex		20160515
Zillya		20160514
Zoner		20160516

The file being studied is a compressed stream! More specifically, it is a ZIP file.

Contained files

This file is a compressed stream containing 1 file.

[+] mail_uhJejk.js unknown 4584 Bytes

Compression metadata

Contained files

Uncompressed size

4584

Highest datetime

2016-03-23 08:44:46

Lowest datetime

2016-03-23 08:44:46

Contained files by extension

Contained files by type

unknown

ExifTool file metadata

MIMEType

application/zip

ZipRequiredVersion

ZipCRC

0x041061f6

FileType

ZIP

ZipCompression

Deflated

ZipUncompressedSize

4584

ZipCompressedSize

2339

FileTypeExtension

zip

ZipFileName

mail_uhJejk.js

ZipBitFlag

ZipModifyDate

2016:03:23 08:44:23

File identification

MD5 d478e9f5ed6fc73d58df85f4021b0ba9

SHA1 13e1c5176a89cd23e9c2076e07dc7d9fb302c7c5

SHA256 935f37f7c9d9ad5f045b74e334cae585108d8d2fb6f3b34747e763a1126cf7e4

ssdeep

48:9SeC5NpU/5AxjqLdHH3NWr6LU8/Fyi2BIcW69J09aiMrnTLr1O/CIeJyUgBcH:4eCPpUh0GL1dWYP/Fv2BIctuajrg7uyU

File size 2.4 KB ( 2465 bytes )

File type ZIP

Magic literal

Zip archive data, at least v2.0 to extract

TrID	ZIP compressed archive (100.0%)

VirusTotal metadata

First submission 2016-03-23 12:17:56 UTC ( 1 year, 9 months ago )

Last submission 2016-05-16 04:41:24 UTC ( 1 year, 7 months ago )

File names

watch_it_16852311.zip
5a6e9d38d21363451017222c4862dfcc
details_42582947.zip
7430109797eb48912209a854909979fb
b4a97c9e612f8b933c1e400f7a068958

SHA256:	935f37f7c9d9ad5f045b74e334cae585108d8d2fb6f3b34747e763a1126cf7e4
File name:	details_42582947.zip
Detection ratio:	37 / 57
Analysis date:	2016-05-16 04:41:24 UTC ( 1 year, 7 months ago )

Ciphered bundle

Contained files

Compression metadata

Contained files by extension

Contained files by type

ExifTool file metadata

File identification

VirusTotal metadata

Leave your comment...

Recover your password

Join VirusTotal Community

Sign in