× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ced65f2418176e240cc4558c4ab22fe73248ec8c2837f1fe1fed461eeba5e2f8
File name: gfgf.exe
Detection ratio: 17 / 69
Analysis date: 2018-11-22 04:00:27 UTC ( 3 months, 4 weeks ago ) View latest
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20181022
Cylance Unsafe 20181122
Cyren W32/MSIL_Kryptik.BT.gen!Eldorado 20181122
Endgame malicious (moderate confidence) 20181108
ESET-NOD32 a variant of MSIL/Kryptik.QEQ 20181122
F-Prot W32/MSIL_Kryptik.BT.gen!Eldorado 20181122
Fortinet MSIL/Kryptik.QAV!tr 20181122
Sophos ML heuristic 20181108
Kaspersky HEUR:Trojan.MSIL.Crypt.gen 20181122
Malwarebytes Trojan.PasswordStealer.MSIL.Generic 20181122
McAfee Packed-FNY!DE6C4135061E 20181122
McAfee-GW-Edition BehavesLike.Win32.Generic.jc 20181122
Palo Alto Networks (Known Signatures) generic.ml 20181122
Qihoo-360 HEUR/QVM03.0.5E39.Malware.Gen 20181122
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181122
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Crypt.gen 20181122
Ad-Aware 20181122
AegisLab 20181122
AhnLab-V3 20181122
Alibaba 20180921
ALYac 20181122
Antiy-AVL 20181122
Arcabit 20181121
Avast 20181122
Avast-Mobile 20181121
AVG 20181122
Avira (no cloud) 20181121
Babable 20180918
Baidu 20181121
BitDefender 20181122
Bkav 20181121
CAT-QuickHeal 20181121
ClamAV 20181121
CMC 20181121
Comodo 20181122
Cybereason 20180225
DrWeb 20181122
eGambit 20181122
Emsisoft 20181122
F-Secure 20181122
GData 20181122
Ikarus 20181121
Jiangmin 20181122
K7AntiVirus 20181121
K7GW 20181122
Kingsoft 20181122
MAX 20181122
Microsoft 20181122
eScan 20181122
NANO-Antivirus 20181122
Panda 20181121
Rising 20181122
Sophos AV 20181122
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
TACHYON 20181122
Tencent 20181122
TheHacker 20181118
TotalDefense 20181121
TrendMicro 20181122
TrendMicro-HouseCall 20181122
Trustlook 20181122
VBA32 20181121
VIPRE 20181122
ViRobot 20181121
Webroot 20181122
Yandex 20181119
Zillya 20181121
Zoner 20181122
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 Dover Corporation, Inc.

Product Complete capacity lifecycle management for your virtual infrastructure
Original name gfgf.exe
Internal name gfgf.exe
File version 11.10.15.1
Description Complete capacity lifecycle management for your virtual infrastructure
Comments ibopezequlutubah
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-08-22 16:59:21
Entry Point 0x000AC00A
Number of sections 5
.NET details
Module Version ID 29358b7f-5721-4f28-bea5-909b8d1b8dcb
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
ibopezequlutubah

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
11.10.15.1

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Complete capacity lifecycle management for your virtual infrastructure

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
540160

EntryPoint
0xac00a

OriginalFileName
gfgf.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 Dover Corporation, Inc.

FileVersion
11.10.15.1

TimeStamp
2001:08:22 18:59:21+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
gfgf.exe

ProductVersion
11.10.15.1

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Dover Corporation, Inc.

CodeSize
136192

ProductName
Complete capacity lifecycle management for your virtual infrastructure

ProductVersionNumber
11.10.15.1

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 de6c4135061eadfc4bd1f5aec85e5a98
SHA1 fd60f320447c5dcf05291f32a8f38be23fad563f
SHA256 ced65f2418176e240cc4558c4ab22fe73248ec8c2837f1fe1fed461eeba5e2f8
ssdeep
12288:m2H9+Oso5pSVyz1m8FFdWppXtTE+biHzMPAqIbMKNXGu1Uc:m2lsonQ8FFcrXZE+OTEIbMKNW

authentihash 9334e4ba0fcc04af5ada5cf12dc0a66000b86ec35797d91a95a1b0adfee5d3e5
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 661.5 KB ( 677376 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-11-22 04:00:27 UTC ( 3 months, 4 weeks ago )
Last submission 2018-11-22 04:00:27 UTC ( 3 months, 4 weeks ago )
File names gfgf.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!