× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 93e4af1f5d55eab8682a91f605019810921a8a569b29b8b8d74a97fce78da6e7
File name: 16369432
Detection ratio: 18 / 66
Analysis date: 2018-10-11 06:06:17 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.MSIL.R220700 20181011
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20180723
Cylance Unsafe 20181011
Cyren W32/Trojan.BEJ.gen!Eldorado 20181011
Emsisoft Trojan.Crypt (A) 20181011
ESET-NOD32 a variant of MSIL/Injector.TZY 20181011
F-Prot W32/Trojan.BEJ.gen!Eldorado 20181011
Kaspersky HEUR:Trojan.Win32.Generic 20181011
Malwarebytes Spyware.PasswordStealer 20181011
McAfee Packed-FMN!DDE94D979E53 20181011
McAfee-GW-Edition BehavesLike.Win32.Generic.gh 20181011
Microsoft Trojan:Win32/Azden.A!cl 20181011
Palo Alto Networks (Known Signatures) generic.ml 20181011
Qihoo-360 HEUR/QVM03.0.7279.Malware.Gen 20181011
Rising Trojan.Injector!8.C4 (CLOUD) 20181011
SentinelOne (Static ML) static engine - malicious 20180926
Symantec ML.Attribute.HighConfidence 20181010
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181011
Ad-Aware 20181011
AegisLab 20181011
Alibaba 20180921
ALYac 20181011
Antiy-AVL 20181011
Arcabit 20181011
Avast 20181011
Avast-Mobile 20181010
AVG 20181011
Avira (no cloud) 20181011
Baidu 20181010
BitDefender 20181011
Bkav 20181009
CAT-QuickHeal 20181010
ClamAV 20181010
CMC 20181011
Comodo 20181011
Cybereason 20180225
DrWeb 20181011
eGambit 20181011
Endgame 20180730
F-Secure 20181010
Fortinet 20181011
GData 20181011
Ikarus 20181010
Sophos ML 20180717
Jiangmin 20181009
K7AntiVirus 20181010
K7GW 20181010
Kingsoft 20181011
MAX 20181011
eScan 20181011
NANO-Antivirus 20181011
Panda 20181010
Sophos AV 20181011
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181011
Tencent 20181011
TheHacker 20181008
TotalDefense 20181011
TrendMicro 20181010
TrendMicro-HouseCall 20181010
Trustlook 20181011
VBA32 20181010
ViRobot 20181011
Webroot 20181011
Yandex 20181010
Zillya 20181010
Zoner 20181010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2008 - 2018. All rights reserved.

Product Same as in FIleDescription
Original name marlboro.exe
Internal name marlboro.exe
File version 8.11.4.2
Description How is seen in task manager
Comments Random comments
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1972-12-04 22:06:00
Entry Point 0x0007C30E
Number of sections 3
.NET details
Module Version ID 7819f0f6-167b-49d2-86f2-594727223028
TypeLib ID 00afb04f-7c42-4db9-a030-35d99da41e7f
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Random comments

InitializedDataSize
2560

ImageVersion
0.0

ProductName
Same as in FIleDescription

FileVersionNumber
8.11.4.2

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
marlboro.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
8.11.4.2

TimeStamp
1972:12:04 22:06:00+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
marlboro.exe

ProductVersion
8.11.4.2

FileDescription
How is seen in task manager

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2008 - 2018. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Company name

CodeSize
500736

FileSubtype
0

ProductVersionNumber
8.11.4.2

EntryPoint
0x7c30e

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 dde94d979e5348641ae8201558d55a01
SHA1 5c1966765ab2dfb97664ed1176d5858ad32c8352
SHA256 93e4af1f5d55eab8682a91f605019810921a8a569b29b8b8d74a97fce78da6e7
ssdeep
6144:/GTgi5fiWH9HcSbxd2Cts7nrcHB57eHL2IO3wz0Co3sLuwhOA:/Kh8SbxdmnrcTKHLz

authentihash 84e63bd5ca8c507a9c5a8c677871919f2d085e0b5b955418d79e98af9b106341
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 492.0 KB ( 503808 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-10-11 03:11:10 UTC ( 7 months, 1 week ago )
Last submission 2019-05-10 14:12:13 UTC ( 1 week, 3 days ago )
File names 16369432
package350_VirusShare_dde94d979e5348641ae8201558d55a01
marlboro.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!