× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9a3bfe2518904da9dba7f94833ab56d9730d1ca6ee13aa312f184a1ba8f0e71a
File name: svchost.123
Detection ratio: 39 / 68
Analysis date: 2018-10-21 03:35:15 UTC ( 7 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31297412 20181020
AhnLab-V3 Trojan/Win32.Kryptik.C2766994 20181020
Alibaba Trojan:MSIL/Kryptik.408dd4e7 20180921
ALYac Trojan.GenericKD.31297412 20181021
Arcabit Trojan.Generic.D1DD8F84 20181020
Avast Win32:Trojan-gen 20181021
AVG Win32:Trojan-gen 20181021
BitDefender Trojan.GenericKD.31297412 20181021
Comodo UnclassifiedMalware 20181021
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181021
Cyren W32/Trojan.VNQZ-1466 20181020
DrWeb Trojan.PWS.Stealer.24300 20181021
Emsisoft Trojan.GenericKD.31297412 (B) 20181021
Endgame malicious (moderate confidence) 20180730
ESET-NOD32 a variant of MSIL/Kryptik.PUS 20181020
F-Secure Trojan.GenericKD.31297412 20181021
Fortinet Malicious_Behavior.SB 20181020
GData Trojan.GenericKD.31297412 20181021
Ikarus Trojan.MSIL.Crypt 20181020
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053ea181 ) 20181021
K7GW Trojan ( 0053ea181 ) 20181020
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen 20181021
Malwarebytes Backdoor.Bot 20181020
MAX malware (ai score=100) 20181021
McAfee Packed-FMW!BB752EEC3D99 20181021
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20181020
Microsoft Trojan:Win32/Occamy.C 20181020
eScan Trojan.GenericKD.31297412 20181021
Palo Alto Networks (Known Signatures) generic.ml 20181021
Panda Trj/GdSda.A 20181020
Qihoo-360 Win32/Trojan.Spy.67f 20181021
Sophos AV Mal/Generic-S 20181020
Symantec ML.Attribute.HighConfidence 20181020
TrendMicro TROJ_GEN.F0C2C00JJ18 20181020
TrendMicro-HouseCall TROJ_GEN.F0C2C00JJ18 20181020
Webroot W32.Trojan.GenKD 20181021
ZoneAlarm by Check Point HEUR:Trojan-Spy.MSIL.Stealer.gen 20181021
AegisLab 20181021
Antiy-AVL 20181019
Avast-Mobile 20181020
Avira (no cloud) 20181020
Babable 20180918
Baidu 20181019
Bkav 20181019
CAT-QuickHeal 20181020
ClamAV 20181020
CMC 20181021
Cybereason 20180225
eGambit 20181021
F-Prot 20181021
Jiangmin 20181021
Kingsoft 20181021
NANO-Antivirus 20181020
Rising 20181020
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181015
Symantec Mobile Insight 20181001
TACHYON 20181021
Tencent 20181021
TheHacker 20181018
TotalDefense 20181018
Trustlook 20181021
VBA32 20181019
ViRobot 20181020
Yandex 20181020
Zillya 20181019
Zoner 20181020
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C) 2016 philandro Software GmbH

Product AnyDesk
File version 3.6.3.0
Description AnyDesk
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-09-17 19:06:06
Entry Point 0x0003400A
Number of sections 5
.NET details
Module Version ID a6e73a08-d48e-4b7e-82b7-ed743afa0b4a
TypeLib ID 36c830c3-c8d8-4b8f-b35e-6479e4fc23c6
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
72192

ImageVersion
0.0

ProductName
AnyDesk

FileVersionNumber
3.6.3.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
8.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
3.6.3.0

TimeStamp
2007:09:17 21:06:06+02:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
3.6

FileDescription
AnyDesk

OSVersion
4.0

FileOS
Unknown (0)

LegalCopyright
(C) 2016 philandro Software GmbH

MachineType
Intel 386 or later, and compatibles

CompanyName
philandro Software GmbH

CodeSize
120832

FileSubtype
0

ProductVersionNumber
0.0.0.0

EntryPoint
0x3400a

ObjectFileType
Executable application

File identification
MD5 bb752eec3d99433f7ab9dd0819e44a93
SHA1 6d6510aa1f21067e523f8eb08b2eb6933cf3d015
SHA256 9a3bfe2518904da9dba7f94833ab56d9730d1ca6ee13aa312f184a1ba8f0e71a
ssdeep
3072:iuTmJq9RdNQefX1uznJ73csUSbY3wdFD0vKYyUZ7Gx3I7M+ql2C:LmaluznJ1ww70vKsZ7Gx3I7M+ql2C

authentihash 545ff1fb66eafad22d74361c90e11163097aa3b9e0a4dc77fa1879eecd732d9a
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 189.5 KB ( 194048 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-10-19 04:38:46 UTC ( 7 months ago )
Last submission 2018-11-06 03:10:47 UTC ( 6 months, 2 weeks ago )
File names bb752eec3d99433f7ab9dd0819e44a93
svchost.123
bb752eec3d99433f7ab9dd0819e44a93
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!