× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d177ecd4dbcdb85fe5bb243a95959f20e633daa6d2331b9e487837544c714e1c
File name: 90d52da56ff1f190663b23c72d5caacc.virus
Detection ratio: 47 / 60
Analysis date: 2017-03-13 20:31:10 UTC ( 2 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Barys.53897 20170313
AegisLab Troj.Msil.Agent!c 20170313
AhnLab-V3 Trojan/Win32.Agent.C855562 20170313
ALYac Gen:Variant.Barys.53897 20170313
Antiy-AVL Trojan/Win32.AGeneric 20170313
Arcabit Trojan.Barys.DD289 20170313
AVG MSIL11.KQD 20170313
Avira (no cloud) TR/Bladabindi.EA 20170313
AVware Trojan.Win32.Generic!BT 20170313
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170313
BitDefender Gen:Variant.Barys.53897 20170313
Bkav W32.QuisnratLTH.Trojan 20170313
CAT-QuickHeal Trojan.Agent 20170313
Comodo TrojWare.MSIL.Omaneat.A 20170313
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170130
Cyren W32/Trojan.ODXR-8004 20170313
DrWeb Trojan.DownLoader23.46495 20170313
Emsisoft Gen:Variant.Barys.53897 (B) 20170313
Endgame malicious (high confidence) 20170222
ESET-NOD32 MSIL/Agent.ADE 20170313
F-Secure Gen:Variant.Barys.53897 20170313
Fortinet MSIL/Generic.AP.5F352!tr 20170311
GData MSIL.Trojan.Injector.HD 20170313
Ikarus Trojan.MSIL.Agent 20170313
Invincea trojan.win32.skeeyah.a!rfn 20170203
Jiangmin Trojan.Generic.armid 20170313
K7AntiVirus Trojan ( 004cee5a1 ) 20170313
K7GW Trojan ( 004cee5a1 ) 20170313
Kaspersky Trojan.MSIL.Agent.foxj 20170313
Malwarebytes Backdoor.LuminosityLink 20170313
McAfee GenericRXAX-KY!90D52DA56FF1 20170313
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20170313
eScan Gen:Variant.Barys.53897 20170313
NANO-Antivirus Trojan.Win32.Agent.elruxf 20170313
Palo Alto Networks (Known Signatures) Virus/Win32.malicious.iedg 20170313
Panda Trj/CI.A 20170313
Qihoo-360 Win32/Trojan.843 20170313
Sophos Mal/Generic-S 20170313
Symantec Trojan.Gen.2 20170313
Tencent Msil.Trojan.Agent.Htlt 20170313
VBA32 Trojan.MSIL.Agent 20170313
VIPRE Trojan.Win32.Generic!BT 20170313
ViRobot Trojan.Win32.Z.Agent.877568.DM[h] 20170313
Webroot Malicious 20170313
Yandex Trojan.Agent!hiEr75F0nHo 20170312
Zillya Trojan.Agent.Win32.740062 20170313
ZoneAlarm by Check Point Trojan.MSIL.Agent.foxj 20170313
Alibaba 20170228
Avast 20170313
ClamAV 20170313
CMC 20170313
F-Prot 20170313
Kingsoft 20170313
Microsoft 20170313
nProtect 20170313
Rising 20170313
SUPERAntiSpyware 20170313
TheHacker 20170311
TrendMicro 20170313
TrendMicro-HouseCall 20170313
Trustlook 20170313
WhiteArmor 20170303
Zoner 20170313
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-01-16 21:42:02
Entry Point 0x000D7D0E
Number of sections 3
.NET details
Module Version ID da168ef3-6782-4483-ad95-78abae2d2b09
TypeLib ID 3a574e5b-bd2e-4e23-a175-583f6c78f50f
PE sections
PE imports
_CorExeMain
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2017:01:16 22:42:02+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
876032

LinkerVersion
8.0

EntryPoint
0xd7d0e

InitializedDataSize
1024

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 90d52da56ff1f190663b23c72d5caacc
SHA1 47e4bb872bd81fc0b901e31b27e4baf9e5ddc887
SHA256 d177ecd4dbcdb85fe5bb243a95959f20e633daa6d2331b9e487837544c714e1c
ssdeep
12288:Jp/TC4LesYpZ+XYMXg8uBVw6yu3h8dGvyMsdwqAxKqEGPXRvE/Y+m+De4/uDXwkq:J/tCvMP2+b7dGywJP5ItbDh/KXwkN

authentihash fc97e264edbc8e973489aec81d4f15db804c9c2e3a4d721a1db2e3a86847bc54
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 857.0 KB ( 877568 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (56.7%)
Win64 Executable (generic) (21.3%)
Windows screen saver (10.1%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-02-15 01:35:37 UTC ( 3 months, 1 week ago )
Last submission 2017-03-13 20:31:10 UTC ( 2 months, 1 week ago )
File names 90d52da56ff1f190663b23c72d5caacc.virus
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!