SHA256: d1d127d60ca94a8a1779c9d978c4eadfdd5dbb3683a87f2bd1cbc963b09a9a36
File name: regard_alternate_sheet.php?sCgjKzq=XxMXwha
Detection ratio: 29 / 57
Analysis date: 2015-08-20 05:26:24 UTC ( 1 week, 6 days ago )
Antivirus Result Update
ALYac Java.Exploit.CVE-2013-0422.Y 20150820
AVG Exploit.Java_c.ONW 20150819
Ad-Aware Java.Exploit.CVE-2013-0422.Y 20150820
Antiy-AVL Trojan[Exploit]/Java.CVE-2012-1723.nt 20150820
Arcabit Java.Exploit.CVE-2013-0422.Y 20150820
Avast Java:Agent-FZB [Expl] 20150820
Avira JAVA/Jogek.ctw.7 20150820
BitDefender Java.Exploit.CVE-2013-0422.Y 20150820
CAT-QuickHeal Exp.JAVA.Agent.ABP 20150819
ClamAV JAVA.Exploit.Exploit.Kit-24 20150820
Comodo UnclassifiedMalware 20150820
DrWeb Exploit.Java.586 20150820
ESET-NOD32 a variant of Java/Exploit.Agent.PPI 20150820
Emsisoft Java.Exploit.CVE-2013-0422.Y (B) 20150820
F-Secure Java.Exploit.CVE-2013-0422.Y 20150820
GData Java.Exploit.CVE-2013-0422.Y 20150820
Ikarus Java.Jogek 20150820
Kaspersky Exploit.Java.CVE-2012-1723.nt 20150820
McAfee Generic.dx!B03B341F834C 20150820
McAfee-GW-Edition Generic.dx!3988E77C72A5 20150820
MicroWorld-eScan Java.Exploit.CVE-2013-0422.Y 20150820
Microsoft Exploit:Java/CVE-2013-0422 20150820
NANO-Antivirus Exploit.Java.Jogek.cjeies 20150820
Qihoo-360 Trojan.Generic 20150820
Sophos Troj/EncProc-V 20150820
Symantec Trojan.Maljava!gen35 20150819
TotalDefense Java/Tnega.RUDfJSB 20150820
ViRobot JAVA.S.Agent.19792[h] 20150820
nProtect Java.Exploit.CVE-2013-0422.Y 20150819
AVware 20150820
AegisLab 20150819
Agnitum 20150819
AhnLab-V3 20150820
Alibaba 20150820
Baidu-International 20150819
Bkav 20150819
ByteHero 20150820
CMC 20150819
Cyren 20150820
F-Prot 20150820
Fortinet 20150820
Jiangmin 20150819
K7AntiVirus 20150819
K7GW 20150820
Kingsoft 20150820
Malwarebytes 20150820
Panda 20150819
Rising 20150817
SUPERAntiSpyware 20150820
Tencent 20150820
TheHacker 20150820
TrendMicro 20150820
TrendMicro-HouseCall 20150820
VBA32 20150819
VIPRE 20150820
Zillya 20150819
Zoner 20150820
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Contained files
Compression metadata
Contained files: 11
Uncompressed size: 37778
Highest datetime: 2013-08-08 09:09:52
Lowest datetime: 2013-08-05 22:14:44
Contained files by type
Java Bytecode: 9
directory: 1
unknown: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0x00000000
FileType: ZIP
ZipCompression: None
ZipUncompressedSize: 0
ZipCompressedSize: 0
FileTypeExtension: zip
ZipFileName: WqJmjZxw/
ZipBitFlag: 0x0002
ZipModifyDate: 2013:08:08 09:08:12
File identification
MD5 91cb051d427bd7b679e1abc99983338e
SHA1 c935c853b6d8c3414eef215bb343944e95324363
SHA256 d1d127d60ca94a8a1779c9d978c4eadfdd5dbb3683a87f2bd1cbc963b09a9a36
ssdeep 384:994uZkxLYDPTW4V9ndbzFVx3hqV+BCcA8in2sZ47J06zu22YCorvZs/RaCRIWuZp:b4uZkxAP1xRstT20cJ0zpwF5CNs
File size 19.3 KB ( 19792 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (99.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags exploit cve-2013-0422 zip cve-2012-1723
VirusTotal metadata
First submission 2013-08-08 06:02:35 UTC ( 2 years ago )
Last submission 2015-04-30 01:10:07 UTC ( 4 months ago )
File names index.php
javacrap
41db9b3f-7ed980b6
java-exploit-from-173.246.105.15.jar
i9jfuhioejskveohnuojfir.php
equivalent-devote-ways_being.php?QsynEJJ=BaruMb
91cb051d427bd7b679e1abc99983338e
jar_cache6954485588439484418.tmp
regard_alternate_sheet.php?sCgjKzq=XxMXwha
41db9b3f-7ed980b6
javastuff