× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: afa5811612ddafdfa5259590ba32e009b1385daa766c89943bc3ca2e41774912
File name: 88ffbfb96c645904f1f7ec3336bbaa01
Detection ratio: 18 / 64
Analysis date: 2018-03-25 18:54:10 UTC ( 8 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.279594 20180325
ALYac Gen:Variant.Zusy.279594 20180325
Arcabit Trojan.Zusy.D4442A 20180325
Avira (no cloud) TR/Crypt.XPACK.Gen2 20180325
BitDefender Gen:Variant.Zusy.279594 20180325
Cybereason malicious.96c645 20180225
Cylance Unsafe 20180325
Emsisoft Gen:Variant.Zusy.279594 (B) 20180325
ESET-NOD32 a variant of Win32/Kryptik.GEOY 20180325
F-Secure Gen:Variant.Zusy.279594 20180325
GData Gen:Variant.Zusy.279594 20180325
Sophos ML heuristic 20180121
Kaspersky HEUR:Trojan.Win32.Generic 20180325
MAX malware (ai score=87) 20180325
eScan Gen:Variant.Zusy.279594 20180325
NANO-Antivirus Virus.Win32.Gen.ccmw 20180325
Sophos AV Mal/Behav-238 20180325
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180325
AegisLab 20180325
AhnLab-V3 20180325
Alibaba 20180323
Antiy-AVL 20180325
Avast 20180325
Avast-Mobile 20180325
AVG 20180325
AVware 20180325
Baidu 20180323
Bkav 20180325
CAT-QuickHeal 20180325
ClamAV 20180325
CMC 20180325
Comodo 20180325
CrowdStrike Falcon (ML) 20170201
Cyren 20180325
DrWeb 20180325
eGambit 20180325
Endgame 20180316
F-Prot 20180325
Fortinet 20180325
Ikarus 20180325
Jiangmin 20180325
K7AntiVirus 20180325
K7GW 20180325
Kingsoft 20180325
Malwarebytes 20180325
McAfee 20180325
McAfee-GW-Edition 20180325
Microsoft 20180325
nProtect 20180325
Palo Alto Networks (Known Signatures) 20180325
Panda 20180325
Qihoo-360 20180325
Rising 20180325
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180325
Symantec 20180324
Symantec Mobile Insight 20180311
Tencent 20180325
TheHacker 20180319
TotalDefense 20180325
TrendMicro 20180325
Trustlook 20180325
VBA32 20180323
VIPRE 20180325
ViRobot 20180325
Yandex 20180324
Zoner 20180325
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-01-28 13:08:30
Entry Point 0x00001341
Number of sections 4
PE sections
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:01:28 13:08:30+00:00

FileType
Win32 EXE

PEType
PE32

CodeSize
20992

LinkerVersion
14.0

EntryPoint
0x1341

InitializedDataSize
1536

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 88ffbfb96c645904f1f7ec3336bbaa01
SHA1 e278a83e9dafd3f775e0b5263bd53875b8cda0ef
SHA256 afa5811612ddafdfa5259590ba32e009b1385daa766c89943bc3ca2e41774912
ssdeep
384:IFrnY0BaW4CRisrlrHnFB8S8UftI3ojN6xhvncNjt0vFTwdIIhU/aER8SFsTGkYf:Il1aW4Wnlrl/TfjN6f0NjtUFcdgqS4Gx

authentihash e99f1948359cd917468841fe40a46cc7f345fe49d98ef1e14f05876057bde392
File size 23.0 KB ( 23552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-03-25 18:54:10 UTC ( 8 months, 2 weeks ago )
Last submission 2018-03-25 18:54:10 UTC ( 8 months, 2 weeks ago )
File names 88ffbfb96c645904f1f7ec3336bbaa01
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.