× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a0a0d9e125dc722c810fe8037bd92d0d49980ca17c1920de1aab6c2e93b0087a
File name: adobe_flashplayer_8.exe
Detection ratio: 4 / 56
Analysis date: 2015-08-30 14:07:39 UTC ( 3 years, 3 months ago ) View latest
Antivirus Result Update
Baidu-International Trojan.MSIL.Injector.LQV 20150830
ESET-NOD32 a variant of MSIL/Injector.LQV 20150830
Kaspersky HEUR:Trojan.Win32.Generic 20150830
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20150830
Ad-Aware 20150830
AegisLab 20150830
Yandex 20150829
AhnLab-V3 20150830
Alibaba 20150828
ALYac 20150830
Antiy-AVL 20150830
Arcabit 20150830
Avast 20150830
AVG 20150830
Avira (no cloud) 20150830
AVware 20150830
BitDefender 20150830
Bkav 20150829
ByteHero 20150830
CAT-QuickHeal 20150829
ClamAV 20150830
CMC 20150827
Comodo 20150830
Cyren 20150830
DrWeb 20150830
Emsisoft 20150830
F-Prot 20150829
F-Secure 20150829
Fortinet 20150830
GData 20150830
Ikarus 20150830
Jiangmin 20150829
K7AntiVirus 20150830
K7GW 20150830
Kingsoft 20150830
Malwarebytes 20150829
McAfee 20150830
McAfee-GW-Edition 20150830
Microsoft 20150830
eScan 20150830
NANO-Antivirus 20150830
nProtect 20150828
Panda 20150830
Rising 20150830
Sophos AV 20150830
SUPERAntiSpyware 20150829
Symantec 20150829
Tencent 20150830
TheHacker 20150828
TrendMicro 20150830
TrendMicro-HouseCall 20150830
VBA32 20150829
VIPRE 20150830
ViRobot 20150830
Zillya 20150830
Zoner 20150830
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2006-2013 JnbTaRjJ yOa6JYniCR

Publisher bO4WFYUR
Product DyE4jCnl5JJ
Original name irznz68.exe
Internal name irznz68.exe
File version 5.1.987.6213
Description DyE4jCnl5JJ
Comments CWuPD4Ne
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-30 11:32:34
Entry Point 0x0004948E
Number of sections 3
.NET details
Module Version ID 7c6fd827-4dcc-49a6-bee2-40f3853750d6
TypeLib ID b3473e3b-d88b-4a0a-a788-7e3bb71ae06e
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 7
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
CWuPD4Ne

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
5.1.987.6213

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
DyE4jCnl5JJ

CharacterSet
Unicode

InitializedDataSize
143360

EntryPoint
0x4948e

OriginalFileName
irznz68.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2006-2013 JnbTaRjJ yOa6JYniCR

FileVersion
5.1.987.6213

TimeStamp
2015:08:30 12:32:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
irznz68.exe

ProductVersion
5.1.987.6213

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
bO4WFYUR

CodeSize
294912

ProductName
DyE4jCnl5JJ

ProductVersionNumber
5.1.987.6213

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
5.1.987.6213

File identification
MD5 aa44ddb08b9599559b9f2ceaec32bf1a
SHA1 28ec0a0f45d03b867360ecb16d22aab9eacaefa9
SHA256 a0a0d9e125dc722c810fe8037bd92d0d49980ca17c1920de1aab6c2e93b0087a
ssdeep
6144:SYr0Oeh27CjaSLufiTn6uAM9eX3XjVYUeVc/HDGLfe076ju2:SYr0Lo8aSLuk5KnheV+aLR

authentihash 4c0a6c572bc03ea067f47ab3641961774f8936643ac69e53d13c887dccfeae99
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 432.0 KB ( 442368 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
Win16/32 Executable Delphi generic (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-08-30 12:24:02 UTC ( 3 years, 3 months ago )
Last submission 2015-09-06 05:00:28 UTC ( 3 years, 3 months ago )
File names irznz68.exe
adobe_flashplayer_8.exe
adobe_flashplayer_8.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!