SHA256: 979ad0cd2ecc90bfe7cb1dd8baef26da172ddb8189c0cf54571bfb4a257bc849
File name: 7701368
Detection ratio: 15 / 66
Analysis date: 2018-05-09 14:36:16 UTC ( 9 months, 2 weeks ago )
Antivirus Result Update
Avast Win32:GenMalicious-NYM [Trj] 20180509
AVG Win32:GenMalicious-NYM [Trj] 20180509
Babable Malware.HighConfidence 20180406
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180509
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180418
Cylance Unsafe 20180509
eGambit Unsafe.AI_Score_64% 20180509
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/GenKryptik.BZGV 20180509
Sophos ML heuristic 20180503
McAfee GenericRXFH-VI!D25E1193DA94 20180509
Palo Alto Networks (Known Signatures) generic.ml 20180509
Qihoo-360 HEUR/QVM20.1.0CAE.Malware.Gen 20180509
SentinelOne (Static ML) static engine - malicious 20180225
Symantec Packed.Generic.517 20180509
Ad-Aware 20180509
AegisLab 20180509
AhnLab-V3 20180509
Alibaba 20180509
ALYac 20180509
Antiy-AVL 20180509
Arcabit 20180509
Avast-Mobile 20180509
Avira (no cloud) 20180509
AVware 20180428
BitDefender 20180509
Bkav 20180509
CAT-QuickHeal 20180509
ClamAV 20180509
CMC 20180509
Comodo 20180509
Cybereason None
Cyren 20180509
DrWeb 20180509
Emsisoft 20180509
F-Prot 20180509
F-Secure 20180509
Fortinet 20180509
GData 20180509
Jiangmin 20180509
K7AntiVirus 20180509
K7GW 20180509
Kaspersky 20180509
Kingsoft 20180509
Malwarebytes 20180509
MAX 20180509
McAfee-GW-Edition 20180509
Microsoft 20180509
eScan 20180509
NANO-Antivirus 20180509
nProtect 20180509
Panda 20180509
Rising 20180509
Sophos AV 20180509
SUPERAntiSpyware 20180509
Symantec Mobile Insight 20180509
Tencent 20180509
TheHacker 20180509
TotalDefense 20180509
TrendMicro 20180509
TrendMicro-HouseCall 20180509
Trustlook 20180509
VBA32 20180508
VIPRE 20180509
ViRobot 20180509
Webroot 20180509
Yandex 20180508
Zillya 20180508
ZoneAlarm by Check Point 20180509
Zoner 20180509
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-09 14:25:25
Entry Point 0x00001417
Number of sections 5
PE sections
PE imports
SelectObject
SetTextJustification
DPtoLP
CloseFigure
GetUserDefaultUILanguage
GetStringScripts
GetConsoleMode
GetExitCodeThread
GetTapeStatus
IsProcessorFeaturePresent
GetThreadTimes
GetCommandLineA
GetConsoleHistoryInfo
GetCurrentThread
GetCaretBlinkTime
ScrollWindowEx
AnyPopup
CreateCaret
GetPhysicalCursorPos
LockSetForegroundWindow
SCardStatusA
Number of PE resources by type
RT_STRING 12
RT_BITMAP 4
Number of PE resources by language
NEUTRAL 16
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:05:09 07:25:25-07:00
FileType Win32 EXE
PEType PE32
CodeSize 12288
LinkerVersion 13.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x1417
InitializedDataSize 0
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

PCAP parents
File identification
MD5 d25e1193da94580fa76780b97ba05bad
SHA1 a36dc4365e3f956ceb66d28e5ca90d32e59daf4c
SHA256 979ad0cd2ecc90bfe7cb1dd8baef26da172ddb8189c0cf54571bfb4a257bc849
ssdeep 6144:0r0PGgf1tsgAoC6gB/xXEyC9u+jFi7W621XMT7sr62i+EBFzZYotp:mgf1ugAomlxUL9u+ZiJ2NMsni++YoT

authentihash 391a1eca668f7acd7940c2025cdbb4a25554c9571cf59bb2d30ae6809ea8cac6
imphash 4480c90e7d43361e30be8dbb3c89179e
File size 252.0 KB ( 258048 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-05-09 14:36:16 UTC ( 9 months, 2 weeks ago )
Last submission 2018-05-27 17:57:31 UTC ( 9 months ago )
File names 7701368
6394362571c317d7bc8f5e423727183faede4465