× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c92c4a12614e55f57a658a055258dc4aa53dbd9938457881c4ad717e77eaf129
Detection ratio: 17 / 65
Analysis date: 2018-03-27 06:03:01 UTC ( 10 months, 3 weeks ago ) View latest
Antivirus Result Update
AegisLab Uds.Dangerousobject.Multi!c 20180327
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9973 20180327
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170201
Cylance Unsafe 20180327
Endgame malicious (high confidence) 20180316
ESET-NOD32 a variant of MSIL/Kryptik.NJW 20180327
Sophos ML heuristic 20180121
Kaspersky UDS:DangerousObject.Multi.Generic 20180327
MAX malware (ai score=94) 20180327
McAfee Artemis!780F900EDED9 20180327
McAfee-GW-Edition Artemis 20180327
Palo Alto Networks (Known Signatures) generic.ml 20180327
Qihoo-360 HEUR/QVM03.0.17C2.Malware.Gen 20180327
SentinelOne (Static ML) static engine - malicious 20180225
TrendMicro TROJ_FRS.VSN1BC18 20180327
TrendMicro-HouseCall TROJ_FRS.VSN1BC18 20180327
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180327
Ad-Aware 20180327
AhnLab-V3 20180327
Alibaba 20180327
ALYac 20180327
Antiy-AVL 20180326
Arcabit 20180327
Avast 20180326
Avast-Mobile 20180325
AVG 20180326
Avira (no cloud) 20180326
AVware 20180327
BitDefender 20180327
Bkav 20180327
CAT-QuickHeal 20180326
ClamAV 20180327
CMC 20180326
Comodo 20180327
Cybereason None
Cyren 20180327
DrWeb 20180327
eGambit 20180327
Emsisoft 20180327
F-Prot 20180327
F-Secure 20180327
Fortinet 20180327
GData 20180327
Ikarus 20180326
Jiangmin 20180327
K7AntiVirus 20180327
K7GW 20180327
Kingsoft 20180327
Microsoft 20180327
eScan 20180327
NANO-Antivirus 20180327
nProtect 20180327
Panda 20180325
Rising 20180327
Sophos AV 20180327
SUPERAntiSpyware 20180327
Symantec 20180327
Symantec Mobile Insight 20180311
Tencent 20180327
TheHacker 20180326
TotalDefense 20180327
Trustlook 20180327
VBA32 20180326
VIPRE 20180327
ViRobot 20180327
WhiteArmor 20180324
Yandex 20180324
Zillya 20180326
Zoner 20180326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Northrop Grumman Corporation

Product Space Manager with LiveReorg
Original name 1.exe
Internal name 1.exe
File version 3.14.8.4
Description Space Manager with LiveReorg
Comments vmp4t0szghpyt4r7e4e64y6ew454t
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-17 03:59:36
Entry Point 0x000364EE
Number of sections 3
.NET details
Module Version ID 1c065fbf-4918-4e70-80d9-7c9951db0e83
TypeLib ID 508bc840-2932-4733-bac0-fc5c5726ed2d
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 6
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
vmp4t0szghpyt4r7e4e64y6ew454t

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.14.8.4

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Space Manager with LiveReorg

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
105984

EntryPoint
0x364ee

OriginalFileName
1.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Northrop Grumman Corporation

FileVersion
3.14.8.4

TimeStamp
2017:06:17 03:59:36+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
1.exe

ProductVersion
3.14.8.4

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Northrop Grumman Corporation

CodeSize
214528

ProductName
Space Manager with LiveReorg

ProductVersionNumber
3.14.8.4

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 780f900eded9fc07fcac2c7e84fd053a
SHA1 af45117f982e60ec29ea55f040aa360e2b8f0ce5
SHA256 c92c4a12614e55f57a658a055258dc4aa53dbd9938457881c4ad717e77eaf129
ssdeep
6144:AKkoyrpVUbgCQ7T7TTchVcc7FQ3c4xYGsaeDsqJheJvLz:A1oVGGQ3DxYTPDsqJheJvL

authentihash 94823e5489eac311ebccdc19a5bd7b5c10b5d5831efe730af1da9ee946d528fc
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 313.5 KB ( 321024 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-03-27 02:39:10 UTC ( 10 months, 3 weeks ago )
Last submission 2018-05-25 04:00:02 UTC ( 8 months, 3 weeks ago )
File names SmartDAV
SmartaDAV.exe
1.exe
SmartDAV.vir
taskmanager.exe
adobe.123
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!