SHA256: c01cf4a57c17c2fd925328af5b1b8d61874890f10dc0328f48d9340f29e0f57d
File name: zbetcheckin_tracker_mim.exe
Detection ratio: 15 / 66
Analysis date: 2019-04-09 05:27:47 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190409
CrowdStrike Falcon (ML) win/malicious_confidence_100% (D) 20190212
Cybereason malicious.5bfc68 20190403
Cyren W32/Trojan.SW.gen!Eldorado 20190409
Endgame malicious (high confidence) 20190403
ESET-NOD32 a variant of MSIL/Kryptik.RHZ 20190409
FireEye Generic.mg.988ddf9defdf79d4 20190409
Fortinet MSIL/Kryptik.RHZ!tr 20190409
Sophos ML heuristic 20190313
McAfee-GW-Edition BehavesLike.Win32.Generic.gc 20190409
Palo Alto Networks (Known Signatures) generic.ml 20190409
Panda Trj/Genetic.gen 20190408
Qihoo-360 HEUR/QVM03.0.6705.Malware.Gen 20190409
SentinelOne (Static ML) DFI - Suspicious PE 20190407
Trapmine malicious.high.ml.score 20190325
Ad-Aware 20190409
AegisLab 20190409
AhnLab-V3 20190408
Alibaba 20190402
ALYac 20190409
Antiy-AVL 20190409
Arcabit 20190409
Avast 20190409
Avast-Mobile 20190408
AVG 20190409
Avira (no cloud) 20190408
Babable 20180918
Baidu 20190318
BitDefender 20190409
Bkav 20190408
CAT-QuickHeal 20190407
ClamAV 20190408
CMC 20190321
Comodo 20190409
DrWeb 20190409
eGambit 20190409
Emsisoft 20190409
F-Secure 20190408
GData 20190409
Ikarus 20190408
Jiangmin 20190409
K7AntiVirus 20190408
K7GW 20190409
Kaspersky 20190409
Kingsoft 20190409
Malwarebytes 20190409
MAX 20190409
McAfee 20190409
Microsoft 20190409
eScan 20190409
NANO-Antivirus 20190409
Rising 20190409
Sophos AV 20190409
SUPERAntiSpyware 20190404
Symantec Mobile Insight 20190408
TACHYON 20190409
Tencent 20190409
TheHacker 20190405
TotalDefense 20190408
TrendMicro-HouseCall 20190409
Trustlook 20190409
VBA32 20190408
ViRobot 20190409
Yandex 20190408
Zillya 20190408
ZoneAlarm by Check Point 20190409
Zoner 20190409
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2001
Product ppwHD+/L+Q=
Original name ttd1.exe
Internal name ttd1.exe
File version 5.7.10.12
Description ppwsoldHD+/L+Q==
Comments huC3xE5HQM17zg2QmgoodC93sc0=
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1972-06-02 02:30:26
Entry Point 0x0007BE9E
Number of sections 3
.NET details
Module Version ID 1ab6c1e5-655d-4822-8599-2ad45ced1db5
TypeLib ID e3693800-38c7-441e-8ca8-fbf2937bd48e
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments huC3xE5HQM17zg2QmgoodC93sc0=
InitializedDataSize 2048
ImageVersion 0.0
ProductName ppwHD+/L+Q=
FileVersionNumber 5.7.10.12
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension exe
OriginalFileName ttd1.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 5.7.10.12
TimeStamp 1972:06:02 04:30:26+02:00
FileType Win32 EXE
PEType PE32
InternalName ttd1.exe
ProductVersion 5.7.10.12
FileDescription ppwsoldHD+/L+Q==
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright 2001
MachineType Intel 386 or later, and compatibles
CompanyName epecododaluwaq
CodeSize 499712
FileSubtype 0
ProductVersionNumber 5.7.10.12
EntryPoint 0x7be9e
ObjectFileType Executable application
AssemblyVersion 0.0.0.0
File identification
MD5 988ddf9defdf79d49295a45466ed595f
SHA1 9d9da585bfc68016737aad0f511b8373ac2d581e
SHA256 c01cf4a57c17c2fd925328af5b1b8d61874890f10dc0328f48d9340f29e0f57d
ssdeep 12288:3lj9cVr6ccVr6lvR9Xlj9cVr6ccVr6lvR90KUFC4oHJ9CS:3h9c56cc56lvR9Xh9c56cc56lvR9TFWS
authentihash 889d63bdc91923c68b5e0593472097f3d916cd9bdfd0c86aa0ae1722ae646612
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 490.5 KB ( 502272 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags peexe assembly
VirusTotal metadata
First submission 2019-04-09 05:27:47 UTC ( 1 month, 2 weeks ago )
Last submission 2019-04-09 16:25:03 UTC ( 1 month, 2 weeks ago )
File names output.123087101.txt
ttd1.exe
zbetcheckin_tracker_mim.exe
mim.exe