× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a0e32763fa0e1493e51802af0946dc2f11184c82a6461af79569cde104661dec
Detection ratio: 45 / 70
Analysis date: 2019-02-06 05:19:47 UTC ( 3 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30604360 20190207
AhnLab-V3 Trojan/Win32.Tiggre.C2550041 20190206
ALYac Trojan.GenericKD.30604360 20190207
Antiy-AVL Trojan/Win32.TSGeneric 20190207
Arcabit Trojan.Generic.D1D2FC48 20190207
Avast Win32:Malware-gen 20190207
AVG Win32:Malware-gen 20190207
Avira (no cloud) TR/Agent.ozhkd 20190206
BitDefender Trojan.GenericKD.30604360 20190207
CAT-QuickHeal Trojan.YakbeexMSIL.ZZ4 20190206
Comodo Malware@#2i528ian3a5pe 20190207
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cybereason malicious.31f5d3 20190109
Cyren W32/Trojan.LVEQ-4597 20190207
Emsisoft Trojan.GenericKD.30604360 (B) 20190207
ESET-NOD32 MSIL/Agent.SMM 20190207
F-Secure Trojan.TR/Agent.ozhkd 20190207
Fortinet MSIL/Agent.SMM!tr 20190207
GData Trojan.GenericKD.30604360 20190207
Ikarus Trojan.MSIL.Agent 20190206
K7AntiVirus Trojan ( 0052dc5f1 ) 20190207
K7GW Trojan ( 0052dc5f1 ) 20190207
Kaspersky Trojan-Downloader.MSIL.Agent.apgt 20190207
Malwarebytes Trojan.ClipBanker 20190207
MAX malware (ai score=97) 20190207
McAfee Artemis!152452131F5D 20190207
McAfee-GW-Edition Artemis!Trojan 20190206
Microsoft Trojan:Win32/Tiggre!rfn 20190207
eScan Trojan.GenericKD.30604360 20190207
NANO-Antivirus Trojan.Win32.Generic.fadsdb 20190207
Panda Trj/GdSda.A 20190206
Qihoo-360 Win32/Trojan.Downloader.05c 20190207
Rising Downloader.Agent!8.B23 (CLOUD) 20190207
Sophos AV Mal/Generic-S 20190206
SUPERAntiSpyware Trojan.Agent/Gen-ClipBanker 20190206
Symantec Trojan.Gen.2 20190207
Tencent Msil.Trojan-downloader.Agent.Dvps 20190207
Trapmine malicious.moderate.ml.score 20190123
TrendMicro TROJ_GEN.R007C0PKK18 20190207
TrendMicro-HouseCall TROJ_GEN.R007C0PKK18 20190207
VBA32 TrojanDownloader.MSIL.Agent 20190206
Webroot W32.Trojan.Gen 20190207
Yandex Trojan.Agent!AFjqp6dldj0 20190206
Zillya Trojan.Agent.Win32.885726 20190206
ZoneAlarm by Check Point Trojan-Downloader.MSIL.Agent.apgt 20190207
Acronis 20190130
AegisLab 20190207
Alibaba 20180921
Avast-Mobile 20190206
Babable 20180918
Baidu 20190202
Bkav 20190201
ClamAV 20190206
CMC 20190206
Cylance 20190207
DrWeb 20190207
eGambit 20190207
Endgame 20181108
F-Prot 20190207
Sophos ML 20181128
Jiangmin 20190207
Kingsoft 20190207
Palo Alto Networks (Known Signatures) 20190207
SentinelOne (Static ML) 20190203
TACHYON 20190207
TheHacker 20190203
TotalDefense 20190206
Trustlook 20190207
ViRobot 20190207
Zoner 20190207
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft 2018

Product KeyRedirEx
Original name KeyRedirEx.exe
Internal name KeyRedirEx.exe
File version 1.0.0.0
Description KeyRedirEx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-09 17:00:23
Entry Point 0x00003B4E
Number of sections 3
.NET details
Module Version ID d9a79192-e37c-4d69-8071-c97f1285a787
TypeLib ID d9fd1627-33ac-4c4f-82a3-7f237f4b564f
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
2048

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
KeyRedirEx

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
11.0

EntryPoint
0x3b4e

OriginalFileName
KeyRedirEx.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2018

FileVersion
1.0.0.0

TimeStamp
2018:04:09 19:00:23+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
KeyRedirEx.exe

ProductVersion
1.0.0.0

SubsystemVersion
6.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
7168

ProductName
KeyRedirEx

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 152452131f5d32af54e0d6c5f5f0583d
SHA1 2eeda065e652485ecc09c3fe16eeadcfb037ab8e
SHA256 a0e32763fa0e1493e51802af0946dc2f11184c82a6461af79569cde104661dec
ssdeep
96:3eFtZI30SCzrjvVfhnycyPugWOgr1FIwJiGdlbAe8EC6i0n4pEtyD2lzWSoSzNt:OFHvVfhyckWVFIaBlbN/piE1dWxU

authentihash 8d20495284eae9e51d613883b1c482e21c668abc844d19e6a019519ef446d461
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 9.5 KB ( 9728 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-04-11 08:30:31 UTC ( 1 year, 1 month ago )
Last submission 2019-02-11 00:45:51 UTC ( 3 months, 1 week ago )
File names KeyRedirEx.exe
a0e32763fa0e1493e51802af0946dc2f11184c82a6461af79569cde104661dec.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!