× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b19fa36626eff5ff3398cccba1e28194236bf857d720c0785d6cbf435f7c12e4
File name: NfoFile Viewer.exe
Detection ratio: 48 / 68
Analysis date: 2018-07-22 20:50:41 UTC ( 10 months ago )
Antivirus Result Update
Ad-Aware Gen:Trojan.Heur.GZ.amKebmqdEpki 20180722
AegisLab Gen.Troj.Heur!c 20180722
AhnLab-V3 Packed/Upack 20180721
Antiy-AVL Trojan/Win32.SGeneric 20180722
Arcabit Trojan.Heur.GZ.amKebmqdEpki 20180722
AVware Trojan.Win32.Packer.Upack0.3.9 (ep) 20180722
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9834 20180717
BitDefender Gen:Trojan.Heur.GZ.amKebmqdEpki 20180722
Bkav W32.OnGamesLT180912HKGHAAI.Trojan 20180719
CAT-QuickHeal Worm.ininf 20180722
ClamAV Win.Trojan.Onlinegames-44 20180722
CMC Generic.Win32.da09cb6285!CMCRadar 20180722
Comodo Packed.Win32.MUPACK.~KW 20180722
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180530
Cybereason malicious.2856d0 20180225
Cylance Unsafe 20180722
Cyren W32/Heuristic-162!Eldorado 20180722
Emsisoft Gen:Trojan.Heur.GZ.amKebmqdEpki (B) 20180722
Endgame malicious (high confidence) 20180711
F-Prot W32/Heuristic-162!Eldorado 20180722
F-Secure Gen:Trojan.Heur.GZ.amKebmqdEpki 20180722
GData Gen:Trojan.Heur.GZ.amKebmqdEpki 20180722
Ikarus Trojan-Downloader.Win32.Genome 20180722
Sophos ML heuristic 20180717
Jiangmin TrojanDropper.Agent.aaen 20180722
K7AntiVirus Trojan ( 003b1b581 ) 20180722
K7GW Trojan ( 003b1b581 ) 20180722
Kingsoft Win32.Troj.Generic.(kcloud) 20180722
MAX malware (ai score=100) 20180722
McAfee Generic.dx!DA09CB62856D 20180722
McAfee-GW-Edition Generic.dx!DA09CB62856D 20180722
Microsoft Trojan:Win32/Vigorf.A 20180722
eScan Gen:Trojan.Heur.GZ.amKebmqdEpki 20180722
NANO-Antivirus Trojan.Win32.Agent.dfvvlv 20180722
Qihoo-360 Trojan/Win32.Generic.706286 20180722
Rising Trojan.Win32.Generic.1252AEBB (C64:YzY0Onhu0L2mv8vP) 20180722
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/Generic-S 20180722
SUPERAntiSpyware Trojan.Unknown Origin 20180722
Symantec ML.Attribute.HighConfidence 20180722
Tencent Win32.Trojan.Generic.deov 20180722
TheHacker W32/Behav-Heuristic-060 20180722
TrendMicro Cryp_Xed-12 20180722
TrendMicro-HouseCall Cryp_Xed-12 20180722
VIPRE Trojan.Win32.Packer.Upack0.3.9 (ep) 20180722
Webroot W32.Trojan.Dropper 20180722
Yandex Trojan.Agent!eQ+gbmtHwVk 20180720
Zillya Trojan.Heur.Win32.2909 20180720
Alibaba 20180713
ALYac 20180722
Avast 20180722
Avast-Mobile 20180722
AVG 20180722
Avira (no cloud) 20180722
Babable 20180406
DrWeb 20180722
eGambit 20180722
ESET-NOD32 20180722
Fortinet 20180722
Kaspersky 20180722
Malwarebytes 20180722
Palo Alto Networks (Known Signatures) 20180722
Panda 20180722
TACHYON 20180722
TotalDefense 20180722
Trustlook 20180722
VBA32 20180720
ViRobot 20180722
ZoneAlarm by Check Point 20180722
Zoner 20180721
The file being studied is a Portable Executable file! More specifically, it is a DOS EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product NFO View
Original name NfoFile Viewer.exe
Internal name NfoFile Viewer
File version 1.00.0002
Packers identified
F-PROT UPack
PEiD WinUpack v0.39 final -> By Dwing (c)2005 (h1)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-01-23 23:39:42
Entry Point 0x00001018
Number of sections 3
PE sections
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2004:01:24 00:39:42+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
1766614113

LinkerVersion
76.111

FileTypeExtension
exe

InitializedDataSize
1918988898

SubsystemVersion
4.0

EntryPoint
0x1018

OSVersion
4.0

ImageVersion
0.57

UninitializedDataSize
16761

File identification
MD5 da09cb62856d07d0e87f0368800ff185
SHA1 fdeb3692afa674d4baa794c36ae68ef219c684de
SHA256 b19fa36626eff5ff3398cccba1e28194236bf857d720c0785d6cbf435f7c12e4
ssdeep
192:A8yPtb8VCyLi5djiHdWx+jw4zD+773e5ap:A8y+ky6NiH4x+1v+7a5Y

authentihash d828948c6be3190e7be1ce3eaf1a09e62e953e4cd54319a21b4a3492c40ee895
File size 10.0 KB ( 10224 bytes )
File type DOS EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID DOS Executable Generic (100.0%)
Tags
upack mz

VirusTotal metadata
First submission 2008-04-18 16:40:28 UTC ( 11 years, 1 month ago )
Last submission 2018-07-22 20:50:41 UTC ( 10 months ago )
File names ry_2KvjzL.xlt
aa
NfoFile Viewer.exe
xYMPMgrHv.tar.bz2
NfoFile Viewer.exe
NfoFile Viewer
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!