× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: abc85152d52d86586ccac93e10f36140f645c1f8cc0d433031c528f99d0ca89d
File name: Project1.exe
Detection ratio: 49 / 66
Analysis date: 2018-04-02 22:25:04 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.7609535 20180402
AegisLab Troj.W32.Agent.skiq!c 20180402
ALYac Trojan.Generic.7609535 20180402
Antiy-AVL Trojan/Win32.SGeneric 20180402
Arcabit Trojan.Generic.D741CBF 20180402
Avast FileRepMalware 20180402
AVG FileRepMalware 20180402
Avira (no cloud) TR/ATRAPS.Gen 20180402
AVware Trojan.Win32.Generic!BT 20180402
BitDefender Trojan.Generic.7609535 20180402
Bkav W32.MatezoneC.Trojan 20180402
CAT-QuickHeal TrojanDropper.Sysn 20180402
ClamAV Win.Trojan.Agent-1392561 20180402
CMC Trojan.Win32.Agent!O 20180402
Comodo UnclassifiedMalware 20180402
Cybereason malicious.51e5ea 20180225
Cylance Unsafe 20180402
Cyren W32/Trojan.JZDQ-2551 20180402
DrWeb Trojan.DownLoader6.15125 20180402
Emsisoft Trojan.Generic.7609535 (B) 20180402
ESET-NOD32 MSIL/Injector.AEG 20180402
F-Secure Trojan.Generic.7609535 20180402
Fortinet W32/Agent.AEG!tr 20180402
GData Trojan.Generic.7609535 20180402
Ikarus Trojan.Win32.Agent 20180402
Jiangmin Trojan/Agent.gacx 20180402
K7AntiVirus Trojan ( 004aa1bd1 ) 20180402
K7GW Trojan ( 004aa1bd1 ) 20180402
Kaspersky Trojan-Dropper.Win32.Sysn.brvl 20180402
MAX malware (ai score=82) 20180402
McAfee Generic.ku 20180402
McAfee-GW-Edition Generic.ku 20180402
Microsoft Trojan:MSIL/Ainslot.A 20180402
eScan Trojan.Generic.7609535 20180402
NANO-Antivirus Trojan.Win32.Agent.sphhe 20180402
Palo Alto Networks (Known Signatures) generic.ml 20180402
Panda Trj/Agent.JIH 20180402
Qihoo-360 Malware.Radar01.Gen 20180402
Rising Dropper.Sysn!8.3D8 (TFE:C:4ciYK2IqOtQ) 20180402
Sophos AV Mal/Generic-L 20180402
Symantec W32.Shadesrat.C 20180402
Tencent Win32.Trojan-dropper.Sysn.Hpse 20180402
TrendMicro TROJ_INJECT.BYY 20180402
TrendMicro-HouseCall TROJ_INJECT.BYY 20180402
VBA32 Trojan.Agent 20180402
VIPRE Trojan.Win32.Generic!BT 20180402
ViRobot Backdoor.Win32.S.Agent.10696 20180402
Zillya Trojan.Agent.Win32.242764 20180402
ZoneAlarm by Check Point Trojan-Dropper.Win32.Sysn.brvl 20180402
AhnLab-V3 20180402
Alibaba 20180402
Avast-Mobile 20180402
Baidu 20180402
CrowdStrike Falcon (ML) 20170201
eGambit 20180402
Endgame 20180316
F-Prot 20180402
Sophos ML 20180121
Kingsoft 20180402
Malwarebytes 20180402
nProtect 20180402
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180402
Symantec Mobile Insight 20180401
TheHacker 20180330
Trustlook 20180402
WhiteArmor 20180324
Yandex 20180331
Zoner 20180401
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Mic© Microsoft Corporation. All rights reserved.rosoft® Windows® Operating System
Original name Project1.exe
Internal name Project1.exe
File version 11.0.40825.0
Description Code Coverage Collection
Comments VSCover
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 11:25 PM 4/2/2018
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-06-05 03:07:16
Entry Point 0x000039E6
Number of sections 3
.NET details
Module Version ID 84656b6e-f383-496a-b1c3-681b07388a02
TypeLib ID c9a8c7dc-b726-4d41-b0c6-e78ae04da377
PE sections
Overlays
MD5 9a47547b9a1d4651d9f04d490c131599
File type data
Offset 9728
Size 968
Entropy 6.89
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
VSCover

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
11.0.40825.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Code Coverage Collection

CharacterSet
Unicode

InitializedDataSize
8704

EntryPoint
0x39e6

OriginalFileName
Project1.exe

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
11.0.40825.0

TimeStamp
2012:06:05 04:07:16+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Project1.exe

ProductVersion
11.0.40825.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
6656

ProductName
Mic Microsoft Corporation. All rights reserved.rosoft Windows Operating System

ProductVersionNumber
11.0.40825.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
11.0.40825.2

File identification
MD5 291ce2c51e5ea57b571d6610e1d324f9
SHA1 c236053023e403d55effaf1b2d8b22e0aa652b69
SHA256 abc85152d52d86586ccac93e10f36140f645c1f8cc0d433031c528f99d0ca89d
ssdeep
192:vsv5kBApeJTjC4cfRPMRyqcHA329o1h1y6WKwWrVcFy:GCgHA329oD86WKwWhcFy

authentihash 5e0429eb304461ca7a5016e891531b9349772fa2a0678e3ee7f5518aa780f664
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 10.4 KB ( 10696 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2012-06-06 09:41:59 UTC ( 6 years, 2 months ago )
Last submission 2018-04-02 22:25:04 UTC ( 4 months, 2 weeks ago )
File names file-4063465_exe
abc85152d52d8658_vscover.exe
Project1.exe
D6F03C25C8061D0B291D007DCA4876007B5CE918.exe
VSCover.exe
VSCover.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!