× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9779b6dd5f290d127220289949eb12424e13bc62b094c872ba46059f55699af3
File name: wizzcaster.exe
Detection ratio: 20 / 55
Analysis date: 2016-06-25 10:14:11 UTC ( 2 years, 11 months ago ) View latest
Antivirus Result Update
Antiy-AVL GrayWare[AdWare:not-a-virus]/MSIL.Amonetize 20160625
AVG Downloader.AQKQ 20160625
Avira (no cloud) ADWARE/CsdiMonetize.cqsi 20160625
AVware MSIL.Adware.CsdiMonetize 20160625
DrWeb Adware.Eorezo.909 20160625
ESET-NOD32 a variant of MSIL/Adware.CsdiMonetize.B 20160625
Fortinet Adware/Amonetize 20160625
GData Win32.Application.Agent.YCQOYG 20160625
Ikarus AdWare.MSIL.Csdimonetize 20160625
K7GW Adware ( 004f13ea1 ) 20160625
Kaspersky not-a-virus:AdWare.MSIL.Amonetize.gen 20160625
McAfee RDN/Generic PUP.x 20160625
McAfee-GW-Edition Artemis!PUP 20160624
NANO-Antivirus Trojan.Win32.Eorezo.edqnlv 20160625
Panda Trj/GdSda.A 20160625
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20160625
Sophos AV Generic PUA HB (PUA) 20160625
Symantec Trojan.Gen.2 20160625
Tencent Msil.Adware.Csdimonetize.Dwtn 20160625
VIPRE MSIL.Adware.CsdiMonetize 20160625
Ad-Aware 20160625
AegisLab 20160624
AhnLab-V3 20160624
Alibaba 20160624
ALYac 20160625
Arcabit 20160625
Avast 20160625
Baidu 20160624
Baidu-International 20160614
BitDefender 20160625
Bkav 20160623
CAT-QuickHeal 20160623
ClamAV 20160625
CMC 20160620
Comodo 20160625
Cyren 20160625
Emsisoft 20160625
F-Prot 20160625
F-Secure 20160625
Jiangmin 20160625
K7AntiVirus 20160625
Kingsoft 20160625
Malwarebytes 20160625
Microsoft 20160625
eScan 20160625
nProtect 20160624
SUPERAntiSpyware 20160625
TheHacker 20160624
TrendMicro 20160625
TrendMicro-HouseCall 20160625
VBA32 20160624
ViRobot 20160625
Yandex 20160624
Zillya 20160624
Zoner 20160625
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
2016

Product uyIOId
Original name Wizzcaster.exe
Internal name Wizzcaster.exe
File version 1.0.0.0
Description HZNDuz
Comments uyIJKKJD
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-06-24 12:35:39
Entry Point 0x0002BBDE
Number of sections 3
.NET details
Module Version ID 43be2740-d775-4393-b4b9-53fdd10b5238
TypeLib ID 2de60294-8ca8-4f83-9a9f-9cbe00e73981
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
YJCDE

SubsystemVersion
4.0

Comments
uyIJKKJD

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
HZNDuz

CharacterSet
Unicode

InitializedDataSize
3072

EntryPoint
0x2bbde

OriginalFileName
Wizzcaster.exe

MIMEType
application/octet-stream

LegalCopyright
2016

FileVersion
1.0.0.0

TimeStamp
2016:06:24 13:35:39+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Wizzcaster.exe

ProductVersion
1.0.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
yuhjJKIU

CodeSize
171008

ProductName
uyIOId

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 137b9ab4f47c68012f6b1b45be4025a5
SHA1 71a182869b9910354ee6c6420dce98d11e507962
SHA256 9779b6dd5f290d127220289949eb12424e13bc62b094c872ba46059f55699af3
ssdeep
3072:G3Wv4/gvWXnBH1SpQQ5diR2mofyNrCMjbo6W5aDiB53j9y/3F2nhib:G3j73DSuYii6NTb5Hijz9y/2

authentihash 1f307c379f0e356f4aeda66c51fc52e4e0d1d868adf7608e1336acabef39f9d8
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 170.5 KB ( 174592 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-06-24 16:04:06 UTC ( 2 years, 11 months ago )
Last submission 2016-06-25 10:14:11 UTC ( 2 years, 11 months ago )
File names Wizzcaster.exe
wizzcaster.exe
wizzcaster.exe
aa
wizzcaster.exe
wizzcaster.exe
wizzcaster.exe
16.exe
HHhIL3YdcX.js
wizzcaster.exe
VirusShare_137b9ab4f47c68012f6b1b45be4025a5
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications