× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d430c70003696785541f1962abec67fa167d38b01eaf2607aafdc5af8f2ed5f8
File name: saveflash.zip
Detection ratio: 1 / 61
Analysis date: 2018-07-10 13:20:22 UTC ( 8 months, 2 weeks ago )
Antivirus Result Update
Cylance Unsafe 20180710
Ad-Aware 20180710
AegisLab 20180710
AhnLab-V3 20180710
ALYac 20180710
Antiy-AVL 20180710
Arcabit 20180710
Avast 20180710
Avast-Mobile 20180710
AVG 20180710
Avira (no cloud) 20180710
AVware 20180710
Babable 20180406
Baidu 20180710
BitDefender 20180710
Bkav 20180706
CAT-QuickHeal 20180710
ClamAV 20180710
CMC 20180710
Comodo 20180710
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cyren 20180710
DrWeb 20180710
eGambit 20180710
Emsisoft 20180710
Endgame 20180612
ESET-NOD32 20180710
F-Prot 20180710
F-Secure 20180710
Fortinet 20180710
GData 20180710
Ikarus 20180710
Sophos ML 20180601
Jiangmin 20180710
K7AntiVirus 20180710
K7GW 20180710
Kaspersky 20180710
Kingsoft 20180710
Malwarebytes 20180710
MAX 20180710
McAfee 20180710
McAfee-GW-Edition 20180710
Microsoft 20180710
eScan 20180710
NANO-Antivirus 20180710
Palo Alto Networks (Known Signatures) 20180710
Panda 20180710
Qihoo-360 20180710
Rising 20180710
SentinelOne (Static ML) 20180701
Sophos AV 20180710
SUPERAntiSpyware 20180710
Symantec 20180710
TACHYON 20180710
Tencent 20180710
TheHacker 20180710
TotalDefense 20180710
TrendMicro 20180710
TrendMicro-HouseCall 20180710
Trustlook 20180710
VBA32 20180709
VIPRE 20180710
ViRobot 20180710
Webroot 20180710
Yandex 20180709
Zillya 20180709
ZoneAlarm by Check Point 20180710
Zoner 20180709
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
10
Uncompressed size
5882766
Highest datetime
2013-02-12 19:49:46
Lowest datetime
2012-10-12 12:53:16
Contained files by extension
lng
4
exe
4
dll
1
Contained files by type
Portable Executable
5
unknown
4
directory
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xcf76530c

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
3137

ZipCompressedSize
1323

FileTypeExtension
zip

ZipFileName
English.lng

ZipBitFlag
0

ZipModifyDate
2013:01:30 00:34:06

File identification
MD5 71adcb6929f73163f80d88b06bcbb13b
SHA1 7691ade50a1a07d89637ba949a5f978f81b5547c
SHA256 d430c70003696785541f1962abec67fa167d38b01eaf2607aafdc5af8f2ed5f8
ssdeep
49152:bftJ99toxoqT3sETvl8DsTmcBWvpt7i16fdEcE+Mmdg3ru0qalcqpe:rtNALhTODsiY6t7iYVEcEVmdg3ru96cv

File size 2.3 MB ( 2413492 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID Mozilla Firefox browser extension (61.5%)
ZIP compressed archive (30.7%)
PrintFox/Pagefox bitmap (var. P) (7.6%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2013-02-13 13:26:36 UTC ( 6 years, 1 month ago )
Last submission 2018-04-24 21:23:41 UTC ( 11 months ago )
File names test.exe
saveflash.zip
Iwpi.dotm
saveflash.zip
file-5293965_zip
1415038862-saveflash.zip
80e33423274dba8096ae99244afd0e302272b394
saveflash.exe
452-saveflash.exe
141478835072236-saveflash.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!