SHA256: d6f1bec715339f3558d07d438fec43c3012615759a7f45ec5e71f3c0beac549e
File name: payload_1.exe
Detection ratio: 17 / 67
Analysis date: 2018-07-10 03:37:29 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20180710
Avast FileRepMalware 20180710
AVG FileRepMalware 20180710
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180710
CAT-QuickHeal Trojan.Drixed.100454 20180709
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cylance Unsafe 20180710
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/Kryptik.GIPX 20180710
Sophos ML heuristic 20180601
Kaspersky UDS:DangerousObject.Multi.Generic 20180710
Palo Alto Networks (Known Signatures) generic.ml 20180710
Qihoo-360 HEUR/QVM20.1.6571.Malware.Gen 20180710
Rising Trojan.Emotet!8.B95 (TFE:dGZlOgFH7BQRi+Js0g) 20180710
SentinelOne (Static ML) static engine - malicious 20180701
Symantec ML.Attribute.HighConfidence 20180709
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180710
Ad-Aware 20180710
AhnLab-V3 20180709
Alibaba 20180709
ALYac 20180710
Antiy-AVL 20180710
Arcabit 20180710
Avast-Mobile 20180710
Avira (no cloud) 20180709
AVware 20180710
Babable 20180406
BitDefender 20180710
Bkav 20180706
ClamAV 20180710
CMC 20180710
Comodo 20180710
Cybereason 20180225
Cyren 20180710
DrWeb 20180710
eGambit 20180710
Emsisoft 20180710
F-Prot 20180710
F-Secure 20180710
Fortinet 20180710
GData 20180710
Ikarus 20180709
Jiangmin 20180709
K7AntiVirus 20180710
K7GW 20180709
Kingsoft 20180710
Malwarebytes 20180710
MAX 20180710
McAfee 20180710
McAfee-GW-Edition 20180710
Microsoft 20180709
eScan 20180710
NANO-Antivirus 20180710
Panda 20180709
Sophos AV 20180710
SUPERAntiSpyware 20180710
TACHYON 20180710
Tencent 20180710
TheHacker 20180709
TrendMicro 20180710
TrendMicro-HouseCall 20180710
Trustlook 20180710
VBA32 20180709
VIPRE 20180710
ViRobot 20180709
Webroot 20180710
Yandex 20180709
Zillya 20180709
Zoner 20180709
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-04-07 09:53:15
Entry Point 0x00001B0F
Number of sections 7
PE sections
PE imports
GetObjectType
GetConsoleOutputCP
GetExitCodeThread
GetTapeStatus
GetConsoleDisplayMode
GetTickCount
GetSystemTimeAsFileTime
GetCommandLineA
GetSystemMetrics
GetOpenClipboardWindow
GetParent
GetMenuInfo
GetSysColorBrush
PhysicalToLogicalPoint
IsDialogMessageA
DdeClientTransaction
GetNextDlgGroupItem
UnpackDDElParam
Number of PE resources by type
RT_BITMAP 16
RT_STRING 16
RT_DIALOG 1
RT_RCDATA 1
Number of PE resources by language
NEUTRAL 33
CHINESE SIMPLIFIED 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2011:04:07 10:53:15+01:00
FileType Win32 EXE
PEType PE32
CodeSize 12288
LinkerVersion 15.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x1b0f
InitializedDataSize 215552
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0
File identification
MD5 b90b36a583d0dad54fec1b37e957d885
SHA1 461f3c798d18f8fc3dab59ac8e9f4fccd2b7e23e
SHA256 d6f1bec715339f3558d07d438fec43c3012615759a7f45ec5e71f3c0beac549e
ssdeep 3072:FJ5kJmLsKNgk5BvBFXPPq/bi1QYhCplzMWnckqz/wx928XV:FJ5kJ2sKnZCu1olYWckqTW
authentihash ee22735138e87c4104ff74e8d37ee1dcd569ffafdfeed6b83c8d21c7243d3ac7
imphash 3c50175c8264830a02559ce1aabcbd64
File size 219.5 KB ( 224768 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags peexe
VirusTotal metadata
First submission 2018-07-10 02:16:30 UTC ( 3 months, 2 weeks ago )
Last submission 2018-07-10 02:16:30 UTC ( 3 months, 2 weeks ago )
File names payload_1.exe