× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cfa9aebcbb5a15d68e2e5f56a22f50c5b045e94e33e0edd84f181e21bf796953
File name: vt-upload-oIsGK
Detection ratio: 39 / 56
Analysis date: 2015-10-25 21:16:27 UTC ( 8 months ago )
Antivirus Result Update
ALYac Gen:Variant.Kazy.205084 20151026
AVG BackDoor.Generic17.XJU 20151026
AVware Trojan.Win32.Generic!BT 20151026
Ad-Aware Gen:Variant.Kazy.205084 20151026
Yandex Backdoor.Androm!v5coJNFFHR0 20151025
AhnLab-V3 Backdoor/Win32.Androm 20151026
Antiy-AVL Trojan[Backdoor]/Win32.Androm 20151026
Arcabit Trojan.Kazy.D3211C 20151026
Avast MSIL:Injector-DB [Trj] 20151026
Avira (no cloud) TR/Dropper.MSIL.Gen 20151026
Baidu-International Backdoor.Win32.Androm.ywa 20151026
BitDefender Gen:Variant.Kazy.205084 20151026
CAT-QuickHeal Trojan.Malagent.r3 20151026
Comodo UnclassifiedMalware 20151026
DrWeb BackDoor.Comet.152 20151026
ESET-NOD32 a variant of MSIL/Injector.BNC 20151026
Emsisoft Gen:Variant.Kazy.205084 (B) 20151026
F-Secure Gen:Variant.Kazy.205084 20151026
Fortinet MSIL/Injector.WWP!tr 20151026
GData Gen:Variant.Kazy.205084 20151026
Ikarus Backdoor.Win32.Androm 20151026
Jiangmin Backdoor/Androm.aeu 20151025
K7AntiVirus Trojan ( 004418a01 ) 20151026
K7GW Trojan ( 004418a01 ) 20151026
Kaspersky HEUR:Trojan.Win32.Generic 20151026
Malwarebytes Trojan.Agent.MSIL 20151026
McAfee Gamarue-FAZ!108D6FB7081C 20151026
McAfee-GW-Edition BehavesLike.Win32.Backdoor.dc 20151026
eScan Gen:Variant.Kazy.205084 20151026
NANO-Antivirus Trojan.Win32.Androm.dcjfey 20151026
Panda Generic Malware 20151026
Qihoo-360 Win32/Trojan.37c 20151026
Rising PE:Malware.RDM.32!5.26[F1] 20151025
Sophos Mal/Generic-S 20151026
Symantec Trojan.Gen.3 20151025
TheHacker Trojan/Generic.bnc 20151026
VBA32 Backdoor.Androm 20151026
VIPRE Trojan.Win32.Generic!BT 20151026
nProtect Backdoor/W32.Androm.228352.B 20151026
AegisLab 20151026
Alibaba 20151026
Bkav 20151026
ByteHero 20151026
CMC 20151026
ClamAV 20151026
Cyren 20151026
F-Prot 20151026
Microsoft 20151026
SUPERAntiSpyware 20151025
Tencent 20151026
TotalDefense 20151025
TrendMicro 20151026
TrendMicro-HouseCall 20151026
ViRobot 20151026
Zillya 20151026
Zoner 20151026
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-06-27 04:20:25
Entry Point 0x0003920E
Number of sections 3
.NET details
Module Version ID a3c1185a-fdb4-49ba-8ed0-dd455e2b2f2a
TypeLib ID 19d55772-21f8-4a35-b24e-61d74262bc14
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
23564.39289.56110.6693

UninitializedDataSize
0

LanguageCode
Unknown (E40A)

FileFlagsMask
0x003f

CharacterSet
Unknown (08A0)

InitializedDataSize
1536

EntryPoint
0x3920e

MIMEType
application/octet-stream

TimeStamp
2013:06:27 05:20:25+01:00

FileType
Win32 EXE

PEType
PE32

FileDescription
Services and Controller app

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
226304

FileSubtype
0

ProductVersionNumber
23564.39289.56110.6693

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 108d6fb7081c73aabc955f69098341ab
SHA1 7a0f5d5762cc355f1ad85f7d04efb1d6eaed98af
SHA256 cfa9aebcbb5a15d68e2e5f56a22f50c5b045e94e33e0edd84f181e21bf796953
ssdeep
6144:2XERXJF6+8CdbEoWIRoqUMa3U1vYp2mK3Q:v5F6+8C1WJqUMa3U1Y

authentihash 6da97bc9c7b21399cbf654d7268dfc23cdc9572cea2fd2f30dc59c3a215572f9
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 223.0 KB ( 228352 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
Win16/32 Executable Delphi generic (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2013-07-17 21:38:44 UTC ( 2 years, 11 months ago )
Last submission 2013-07-23 06:57:06 UTC ( 2 years, 11 months ago )
File names vt-upload-xwbaT
vt-upload-DhpXt
vt-upload-oIsGK
vt-upload-F9SvU
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!