× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cd1c5d64897372bf0c5c4fe4d3e654e5ca363e0f1b707cdddf591108336163a5
Detection ratio: 29 / 60
Analysis date: 2017-09-30 12:40:06 UTC ( 2 weeks, 6 days ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.CMOY 20170930
AegisLab Troj.Msil.Crypt!c 20170930
ALYac Gen:Variant.Ursu.99 20170930
Antiy-AVL Trojan[ArcBomb]/Win32.Agent 20170930
Arcabit Trojan.Agent.CMOY 20170930
Avira (no cloud) TR/Dropper.Gen 20170930
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9982 20170930
BitDefender Trojan.Agent.CMOY 20170930
CAT-QuickHeal Trojan.MSIL 20170930
Cyren ZIP/Trojan.JKDC-8 20170930
DrWeb Trojan.DownLoader25.8942 20170930
Emsisoft Trojan.Agent.CMOY (B) 20170930
ESET-NOD32 a variant of MSIL/Injector.SWO 20170930
F-Secure Gen:Variant.Ursu.99 20170930
Fortinet Malicious_Behavior.SB 20170929
GData Trojan.Agent.CMOY 20170930
Sophos ML heuristic 20170914
K7AntiVirus Trojan ( 00514e161 ) 20170928
K7GW Trojan ( 00514e161 ) 20170930
Kaspersky Trojan.MSIL.Crypt.emuc 20170930
MAX malware (ai score=82) 20170930
Microsoft Trojan:Win32/Skeeyah.A!rfn 20170930
eScan Trojan.Agent.CMOY 20170930
Sophos AV Troj/MSIL-KCG 20170930
Symantec Trojan.Gen.NPE 20170929
Tencent Msil.Trojan.Crypt.Eehf 20170930
TrendMicro-HouseCall Suspicious_GEN.F47V0910 20170930
VBA32 Trojan.MSIL.Crypt 20170929
ZoneAlarm by Check Point Trojan.MSIL.Crypt.emuc 20170930
AhnLab-V3 20170930
Alibaba 20170911
Avast 20170930
Avast-Mobile 20170929
AVG 20170930
AVware 20170930
ClamAV 20170930
CMC 20170928
Comodo 20170930
CrowdStrike Falcon (ML) 20170804
Cylance 20170930
Endgame 20170821
F-Prot 20170930
Ikarus 20170930
Jiangmin 20170930
Kingsoft 20170930
Malwarebytes 20170930
McAfee 20170930
McAfee-GW-Edition 20170930
NANO-Antivirus 20170930
nProtect 20170929
Palo Alto Networks (Known Signatures) 20170930
Panda 20170930
Qihoo-360 20170930
Rising 20170930
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170930
Symantec Mobile Insight 20170928
TheHacker 20170928
TrendMicro 20170930
Trustlook 20170930
VIPRE 20170930
ViRobot 20170930
Webroot 20170930
WhiteArmor 20170927
Yandex 20170908
Zillya 20170929
Zoner 20170930
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
261095424
Highest datetime
2017-09-06 15:36:40
Lowest datetime
2017-09-06 15:36:40
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x1699f259

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
261095424

ZipCompressedSize
669431

FileTypeExtension
zip

ZipFileName
Itune.exe

ZipBitFlag
0

ZipModifyDate
2017:09:06 15:36:20

Compressed bundles
File identification
MD5 fa6b6b8bf9693b2cd20a1ee1acaa28e4
SHA1 81ce108ecd8dd8ec3cef06f4e07fecc0149205a2
SHA256 cd1c5d64897372bf0c5c4fe4d3e654e5ca363e0f1b707cdddf591108336163a5
ssdeep
6144:VTx5HdyCvCsoF0j5y/J9tRdq2j/FPr79blmQ8ZopNhFfpxXipW/FNyj4JkJvETuK:VbnVoKjAtRJJn9blm/KHi4orUuCF1

File size 653.9 KB ( 669599 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2017-09-09 14:39:49 UTC ( 1 month, 1 week ago )
Last submission 2017-09-30 12:40:06 UTC ( 2 weeks, 6 days ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!