× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9e991f553655750e59e4be0b87d4c56bd953db62811ebf1432151f24de622e9c
File name: 16160.exe
Detection ratio: 4 / 56
Analysis date: 2016-03-10 07:42:36 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
AVware FraudTool.Win32.SecurityShield.ek!c (v) 20160310
McAfee-GW-Edition BehavesLike.Win32.Duptwux.kt 20160309
Rising PE:Malware.Generic(Thunder)!1.A1C4 [F] 20160310
VIPRE FraudTool.Win32.SecurityShield.ek!c (v) 20160310
Ad-Aware 20160310
AegisLab 20160310
Yandex 20160308
AhnLab-V3 20160309
Alibaba 20160310
ALYac 20160310
Antiy-AVL 20160310
Arcabit 20160310
Avast 20160310
AVG 20160310
Avira (no cloud) 20160310
Baidu 20160310
Baidu-International 20160309
BitDefender 20160310
Bkav 20160309
ByteHero 20160310
CAT-QuickHeal 20160310
ClamAV 20160310
CMC 20160307
Comodo 20160310
Cyren 20160310
DrWeb 20160310
Emsisoft 20160310
ESET-NOD32 20160310
F-Prot 20160310
F-Secure 20160310
Fortinet 20160310
GData 20160310
Ikarus 20160310
Jiangmin 20160310
K7AntiVirus 20160309
K7GW 20160310
Kaspersky 20160310
Malwarebytes 20160310
McAfee 20160310
Microsoft 20160310
eScan 20160310
NANO-Antivirus 20160310
nProtect 20160309
Panda 20160309
Qihoo-360 20160310
Sophos AV 20160310
SUPERAntiSpyware 20160310
Symantec 20160309
Tencent 20160310
TheHacker 20160310
TrendMicro 20160310
TrendMicro-HouseCall 20160310
VBA32 20160309
ViRobot 20160310
Zillya 20160309
Zoner 20160310
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-10 03:18:48
Entry Point 0x0000105A
Number of sections 12
PE sections
Overlays
MD5 05a1090872a826612f2b019283bb2363
File type data
Offset 57856
Size 5805
Entropy 0.09
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:03:10 04:18:48+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
55808

LinkerVersion
8.0

Warning
Error processing PE data dictionary

EntryPoint
0x105a

InitializedDataSize
152064

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 29dd5e66f9d450080286c5e38fe06ea7
SHA1 23c4497c142276333c3062e3b9a3b19a0c896f2e
SHA256 9e991f553655750e59e4be0b87d4c56bd953db62811ebf1432151f24de622e9c
ssdeep
768:XEHEJin2nCBhaRlpQJDgYqql0FRxx1+y0oE/lQTc14Ir:QEAhBhaRlpQNgS2eloEuc14Q

authentihash eef39a274ea274aff5145c6c7124cc03d5b2043865918c8b1f7882769d1d9494
File size 62.2 KB ( 63661 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
corrupt peexe overlay

VirusTotal metadata
First submission 2016-03-10 07:35:54 UTC ( 3 years, 2 months ago )
Last submission 2016-05-08 16:52:46 UTC ( 3 years ago )
File names 16160.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!