× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b71749124610ce70ba91084c649c7b732ff525fd40cc7384cdd0189638db5bfa
File name: .
Detection ratio: 8 / 69
Analysis date: 2018-12-17 18:55:12 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Comodo Heur.Corrupt.PE@1z141z3 20181217
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
DrWeb Trojan.DownLoader19.57204 20181217
Sophos ML heuristic 20181128
McAfee-GW-Edition BehavesLike.Win32.Generic.lc 20181217
SentinelOne (Static ML) static engine - malicious 20181011
TheHacker W32/Behav-Heuristic-CorruptFile-EP 20181216
Trapmine malicious.high.ml.score 20181205
Ad-Aware 20181217
AegisLab 20181217
AhnLab-V3 20181217
Alibaba 20180921
ALYac 20181217
Antiy-AVL 20181217
Arcabit 20181217
Avast 20181216
Avast-Mobile 20181216
AVG 20181217
Avira (no cloud) 20181217
Babable 20180918
Baidu 20181207
BitDefender 20181217
Bkav 20181217
CAT-QuickHeal 20181217
ClamAV 20181217
CMC 20181216
Cybereason 20180225
Cylance 20181217
Cyren 20181217
eGambit 20181217
Emsisoft 20181217
Endgame 20181108
ESET-NOD32 20181217
F-Prot 20181217
F-Secure 20181217
Fortinet 20181217
GData 20181217
Ikarus 20181217
Jiangmin 20181217
K7AntiVirus 20181217
K7GW 20181217
Kaspersky 20181217
Kingsoft 20181217
Malwarebytes 20181217
MAX 20181217
McAfee 20181217
Microsoft 20181217
eScan 20181217
NANO-Antivirus 20181217
Palo Alto Networks (Known Signatures) 20181217
Panda 20181217
Qihoo-360 20181217
Rising 20181217
Sophos AV 20181217
SUPERAntiSpyware 20181212
Symantec 20181217
Symantec Mobile Insight 20181215
TACHYON 20181217
Tencent 20181217
TotalDefense 20181217
TrendMicro 20181217
TrendMicro-HouseCall 20181217
Trustlook 20181217
VBA32 20181217
ViRobot 20181217
Webroot 20181217
Yandex 20181217
Zillya 20181217
ZoneAlarm by Check Point 20181217
Zoner 20181217
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-10 12:28:43
Entry Point 0x00051EDE
Number of sections 3
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:10:10 14:28:43+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
327680

LinkerVersion
8.0

ImageFileCharacteristics
Executable, 32-bit

Warning
Error processing PE data dictionary

EntryPoint
0x51ede

InitializedDataSize
1536

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 2bed8d5c4f20ac59e096c3f0995bf9be
SHA1 0fd703c796a6836108a8e57a75606ef1d2afbb52
SHA256 b71749124610ce70ba91084c649c7b732ff525fd40cc7384cdd0189638db5bfa
ssdeep
384:oGFGMSohDMoyWlzSWbvHz/k3Ra3+GOGKZbQWQxhT7fdEwCP+:oG8MSPoydWHM3RgOGITQx9jdEXW

authentihash 78ce2be5c380ed58ad50e5e70c95f008ded1c012b64bf6011faa924e4c072925
File size 16.7 KB ( 17101 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
corrupt peexe assembly

VirusTotal metadata
First submission 2018-12-17 18:55:12 UTC ( 5 months, 1 week ago )
Last submission 2018-12-17 18:55:12 UTC ( 5 months, 1 week ago )
File names .
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!