× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b17daae82726901a23d685e703c53ee9dc330b9edebc14b20b37b4e10db08954
File name: khalifer.exe
Detection ratio: 20 / 68
Analysis date: 2018-02-15 03:05:25 UTC ( 1 year ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.MDA.R215815 20180214
Avast FileRepMetagen [Malware] 20180215
AVG FileRepMetagen [Malware] 20180215
Avira (no cloud) TR/Dropper.MSIL.dtsgg 20180215
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9994 20180208
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20170201
Cybereason malicious.25b8eb 20180205
Cylance Unsafe 20180215
Endgame malicious (high confidence) 20180214
ESET-NOD32 a variant of MSIL/Kryptik.MNQ 20180215
Ikarus Win32.Outbreak 20180214
Sophos ML heuristic 20180121
Malwarebytes Trojan.Crypt.Generic 20180215
McAfee Artemis!CBC07DA2B936 20180215
McAfee-GW-Edition BehavesLike.Win32.Generic.jc 20180215
Palo Alto Networks (Known Signatures) generic.ml 20180215
SentinelOne (Static ML) static engine - malicious 20180115
Symantec Trojan.Gen.2 20180214
Webroot W32.Trojan.Gen 20180215
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180215
Ad-Aware 20180215
AegisLab 20180215
Alibaba 20180209
ALYac 20180215
Antiy-AVL 20180215
Arcabit 20180215
Avast-Mobile 20180214
AVware 20180215
BitDefender 20180215
Bkav 20180212
CAT-QuickHeal 20180214
ClamAV 20180215
CMC 20180215
Comodo 20180215
Cyren 20180215
DrWeb 20180215
eGambit 20180215
Emsisoft 20180215
F-Prot 20180215
F-Secure 20180215
Fortinet 20180215
GData 20180215
Jiangmin 20180214
K7AntiVirus 20180215
K7GW 20180215
Kaspersky 20180215
Kingsoft 20180215
MAX 20180215
Microsoft 20180215
eScan 20180215
NANO-Antivirus 20180215
nProtect 20180215
Panda 20180214
Qihoo-360 20180215
Rising 20180215
Sophos AV 20180215
SUPERAntiSpyware 20180215
Symantec Mobile Insight 20180215
Tencent 20180215
TheHacker 20180213
TotalDefense 20180215
TrendMicro 20180215
TrendMicro-HouseCall 20180215
Trustlook 20180215
VBA32 20180214
VIPRE 20180215
ViRobot 20180215
WhiteArmor 20180205
Yandex 20180214
Zillya 20180214
Zoner 20180215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2017 Duke Energy Corp

Product cobas TaqScreen West Nile Virus Test
Original name khalifer.exe
Internal name khalifer.exe
File version 6.8.19.2
Description cobas TaqScreen West Nile Virus Test
Comments ibadaqayubowigar
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-05-08 03:01:26
Entry Point 0x0009C00A
Number of sections 5
.NET details
Module Version ID f1394d6b-3660-45a5-8933-8c2f32c74550
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
ibadaqayubowigar

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.8.19.2

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
cobas TaqScreen West Nile Virus Test

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
268288

EntryPoint
0x9c00a

OriginalFileName
khalifer.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2017 Duke Energy Corp

FileVersion
6.8.19.2

TimeStamp
2017:05:08 04:01:26+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
khalifer.exe

ProductVersion
6.8.19.2

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Duke Energy Corp

CodeSize
351744

ProductName
cobas TaqScreen West Nile Virus Test

ProductVersionNumber
6.8.19.2

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 cbc07da2b936772cb8ea4bc06283e307
SHA1 4be0e2425b8ebbec79ce416196a06a81ae602a03
SHA256 b17daae82726901a23d685e703c53ee9dc330b9edebc14b20b37b4e10db08954
ssdeep
12288:QQ3MaxMi62r/c1fGcr2vjTj2+GHjC3TA:Z3MaOi6JfavjTj2+D30

authentihash af66020c75c56923cececbc6ab1dc25d6fef7dfa2b5ab4b7e22cc81be7ddcc02
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 606.5 KB ( 621056 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-02-15 03:05:25 UTC ( 1 year ago )
Last submission 2018-02-19 13:52:03 UTC ( 12 months ago )
File names khalifer.exe
VirusShare_cbc07da2b936772cb8ea4bc06283e307
khalifer.exe
tmp.download
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!