SHA256: ab2e7c869fedfc2df1e3e9b0452f1b333652c8d16de4f3852e9b4ac6687fcf2d
File name: EJ6Q7V.jpg
Detection ratio: 39 / 69
Analysis date: 2018-12-03 22:11:13 UTC ( 5 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Strictor.178637 20181203
AegisLab Trojan.MSIL.Tepfer.4!c 20181203
ALYac Gen:Variant.Ursu.285029 20181203
Arcabit Trojan.Strictor.D2B9CD 20181203
Avast Win32:Trojan-gen 20181203
AVG Win32:Trojan-gen 20181203
Avira (no cloud) TR/Dropper.Gen 20181203
BitDefender Gen:Variant.Strictor.178637 20181203
Comodo Malware@#1aghio22h6fck 20181203
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181203
Emsisoft Gen:Variant.Strictor.178637 (B) 20181203
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of MSIL/Kryptik.PDU 20181203
F-Secure Gen:Variant.Strictor.178637 20181203
Fortinet MSIL/Kryptik.PDU!tr 20181203
GData Gen:Variant.Strictor.178637 20181203
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 00539b8a1 ) 20181203
K7GW Trojan ( 00539b8a1 ) 20181203
Kaspersky HEUR:Trojan-PSW.MSIL.Tepfer.gen 20181203
Malwarebytes Trojan.MalPack 20181203
MAX malware (ai score=100) 20181203
McAfee RDN/Generic PWS.y 20181203
McAfee-GW-Edition BehavesLike.Win32.Generic.hc 20181203
Microsoft Trojan:Win32/Occamy.C 20181203
eScan Gen:Variant.Strictor.178637 20181203
NANO-Antivirus Trojan.Win32.Tepfer.fkufnd 20181203
Palo Alto Networks (Known Signatures) generic.ml 20181203
Panda Trj/GdSda.A 20181203
Qihoo-360 Win32/Trojan.9ac 20181203
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/Generic-S 20181203
Symantec Trojan.Gen.MBT 20181203
Tencent Win32.Trojan.Inject.Auto 20181203
Trapmine malicious.moderate.ml.score 20181128
TrendMicro TROJ_GEN.F0C2C00L118 20181203
TrendMicro-HouseCall TROJ_GEN.F0C2C00L118 20181203
ZoneAlarm by Check Point HEUR:Trojan-PSW.MSIL.Tepfer.gen 20181203
AhnLab-V3 20181203
Alibaba 20180921
Antiy-AVL 20181202
Avast-Mobile 20181203
Babable 20180918
Baidu 20181203
Bkav 20181203
CAT-QuickHeal 20181203
ClamAV 20181203
CMC 20181203
Cybereason 20180225
Cyren 20181203
DrWeb 20181203
eGambit 20181203
F-Prot 20181203
Jiangmin 20181203
Kingsoft 20181203
Rising 20181203
SUPERAntiSpyware 20181128
Symantec Mobile Insight 20181121
TACHYON 20181203
TheHacker 20181202
TotalDefense 20181203
Trustlook 20181203
VBA32 20181203
VIPRE 20181203
ViRobot 20181203
Webroot 20181203
Yandex 20181130
Zillya 20181203
Zoner 20181203
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c) 2008 Società Italiana Tecnologie Industria Metalmeccanica

Product Laser Electrical
Original name niggab.exe
Internal name niggab.exe
File version 13.18.12.12
Description Comline
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-29 08:55:08
Entry Point 0x0008C00A
Number of sections 5
.NET details
Module Version ID 7fa3a3af-4a08-43f4-ac63-03cc100789b1
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
68608

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
13.18.12.12

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Comline

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

EntryPoint
0x8c00a

OriginalFileName
niggab.exe

MIMEType
application/octet-stream

LegalCopyright
(c) 2008 Società Italiana Tecnologie Industria Metalmeccanica

FileVersion
13.18.12.12

TimeStamp
2018:11:29 09:55:08+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
niggab.exe

ProductVersion
13.18.12.12

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Società Italiana Tecnologie Industria Metalmeccanica

CodeSize
481792

ProductName
Laser Electrical

ProductVersionNumber
13.18.12.12

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
15.1.0.6

Execution parents
File identification
MD5 76a333eeff5d9e00fa0a807c5ebf4402
SHA1 0bc8a6e0fee82c5345e5ca39492b9992d0c95363
SHA256 ab2e7c869fedfc2df1e3e9b0452f1b333652c8d16de4f3852e9b4ac6687fcf2d
ssdeep
12288:66JcHcKnTpG+shKWbgP51z8NYdIRwuZljQBCk6JU9kjm5ib5R:vj+i5bgh1z8ZRpZlu7qjm5ib5

authentihash f48e13eea0010a9ad5375b938356a1dfe2e8bd31818a5aa03170ac27a2abd048
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 538.5 KB ( 551424 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-11-30 14:20:25 UTC ( 5 months, 3 weeks ago )
Last submission 2018-12-22 02:14:24 UTC ( 5 months ago )
File names niggab.exe
76a333eeff5d9e00fa0a807c5ebf4402
windowsapp.exe
windowsapp.exe
76a333eeff5d9e00fa0a807c5ebf4402
EJ6Q7V.jpg