× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b3a5fdcca34a55c4b7e0010e1202ae56c38137ac96e4dddf9f31f103859187bb
File name: doc172_pdf.zip
Detection ratio: 45 / 57
Analysis date: 2015-09-17 05:00:26 UTC ( 3 years ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKDZ.26767 20150917
Yandex Trojan.DL.Agent!kzvKi+cZYEk 20150916
ALYac Trojan.GenericKDZ.26767 20150917
Antiy-AVL Trojan/Win32.SGeneric 20150917
Arcabit Trojan.Generic.D688F 20150917
Avast Win32:Trojan-gen 20150917
AVG Downloader.Generic14.HWV 20150917
Avira (no cloud) ADWARE/Adware.Gen 20150917
AVware Trojan-Downloader.Win32.Upatre.aoa (v) 20150917
Baidu-International Trojan.Win32.Waski.F 20150916
BitDefender Trojan.GenericKDZ.26767 20150917
CAT-QuickHeal TrojanDownloader.Upatre.AA3 20150916
ClamAV Win.Trojan.Upatre-152 20150917
Comodo TrojWare.Win32.TrojanDownloader.Waski.BA 20150917
Cyren W32/Trojan.BBYE-4938 20150917
DrWeb Trojan.DownLoader11.56517 20150917
Emsisoft Trojan.GenericKDZ.26767 (B) 20150917
ESET-NOD32 Win32/TrojanDownloader.Waski.F 20150917
F-Prot W32/Trojan5.LLB 20150917
F-Secure Trojan.GenericKDZ.26767 20150917
Fortinet W32/Agent.HFHM!tr.dldr 20150917
GData Trojan.GenericKDZ.26767 20150917
Ikarus Trojan-Downloader.Win32.Waski 20150917
Jiangmin TrojanDownloader.Agent.fooa 20150916
K7AntiVirus Riskware ( 0040eff71 ) 20150916
K7GW Riskware ( 0040eff71 ) 20150917
Kaspersky Trojan-Downloader.Win32.Agent.hfhm 20150917
Malwarebytes Trojan.Email.FakeDoc 20150916
McAfee Upatre-FAAJ!B4157A9F819A 20150917
McAfee-GW-Edition Upatre-FAAJ!B4157A9F819A 20150916
Microsoft TrojanDownloader:Win32/Upatre!rfn 20150917
eScan Trojan.GenericKDZ.26767 20150917
NANO-Antivirus Trojan.Win32.DownLoader11.dmjoqh 20150917
nProtect Trojan.GenericKDZ.26767 20150916
Panda Trj/Genetic.gen 20150916
Qihoo-360 Malware.Radar01.Gen 20150917
Sophos AV Troj/Invo-Zip 20150917
Tencent Win32.Trojan-downloader.Agent.Hroz 20150917
TheHacker Trojan/Downloader.Waski.f 20150916
TotalDefense Win32/Upatre.FSEBTB 20150917
TrendMicro TROJ_UPATRE.SMAT 20150917
VBA32 TrojanDownloader.Agent 20150916
VIPRE Trojan-Downloader.Win32.Upatre.aoa (v) 20150917
ViRobot Trojan.Win32.Agent.75098[h] 20150917
Zillya Downloader.Upatre.Win32.12156 20150916
AegisLab 20150916
AhnLab-V3 20150916
Alibaba 20150917
Bkav 20150916
ByteHero 20150917
CMC 20150916
Kingsoft 20150917
Rising 20150916
SUPERAntiSpyware 20150917
Symantec 20150916
TrendMicro-HouseCall 20150917
Zoner 20150917
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
74360
Highest datetime
2015-01-15 16:15:54
Lowest datetime
2015-01-15 16:15:54
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xa923a926

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
74360

ZipCompressedSize
10753

FileTypeExtension
zip

ZipFileName
doc255_pdf.exe

ZipBitFlag
0x0800

ZipModifyDate
2015:01:15 16:15:27

PCAP parents
File identification
MD5 2f014ab0c83f31066be4587bb72fc86c
SHA1 e452ff11b3f2830a329d15f5382e71545e46e877
SHA256 b3a5fdcca34a55c4b7e0010e1202ae56c38137ac96e4dddf9f31f103859187bb
ssdeep
192:+Phd2cTwZKHlns6o7BK+mUJSsZl1s6sszw3T1JBDTNggB3+6a3jHIKpf:mQcMZWZCP7CszQTZn+68H

File size 10.6 KB ( 10879 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2015-01-16 17:41:54 UTC ( 3 years, 8 months ago )
Last submission 2015-01-16 17:41:54 UTC ( 3 years, 8 months ago )
File names doc172_pdf.zip
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!