× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d70f42e30fb9bc2c83c14fbaa40302439d2e9609b18a59dd9a90762228bd6c38
File name: 956903
Detection ratio: 1 / 57
Analysis date: 2017-01-05 09:16:33 UTC ( 2 years, 1 month ago ) View latest
Antivirus Result Update
Sophos ML trojan.win32.suloc.a 20161216
Ad-Aware 20170105
AegisLab 20170105
AhnLab-V3 20170105
Alibaba 20170105
ALYac 20170105
Antiy-AVL 20170105
Arcabit 20170105
Avast 20170105
AVG 20170105
Avira (no cloud) 20170105
AVware 20170105
Baidu 20170105
BitDefender 20170105
Bkav 20170104
CAT-QuickHeal 20170104
ClamAV 20170105
CMC 20170105
Comodo 20170105
CrowdStrike Falcon (ML) 20161024
Cyren 20170105
DrWeb 20170105
Emsisoft 20170105
ESET-NOD32 20170105
F-Prot 20170105
F-Secure 20170105
Fortinet 20170105
GData 20170105
Ikarus 20170105
Jiangmin 20170105
K7AntiVirus 20170105
K7GW 20170105
Kaspersky 20170105
Kingsoft 20170105
Malwarebytes 20170105
McAfee 20170105
McAfee-GW-Edition 20170105
Microsoft 20170105
eScan 20170105
NANO-Antivirus 20170105
nProtect 20170105
Panda 20170104
Qihoo-360 20170105
Rising 20170105
Sophos AV 20170105
SUPERAntiSpyware 20170105
Symantec 20170105
Tencent 20170105
TheHacker 20170104
TotalDefense 20170105
TrendMicro 20170105
TrendMicro-HouseCall 20170105
Trustlook 20170105
VBA32 20170103
VIPRE 20170105
ViRobot 20170105
WhiteArmor 20161221
Yandex 20170105
Zillya 20170104
Zoner 20170105
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
837329
Highest datetime
2017-01-01 22:09:02
Lowest datetime
2017-01-01 22:09:02
Contained files by extension
exe
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x5b7cd6a3

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
837329

ZipCompressedSize
811380

FileTypeExtension
zip

ZipFileName
MOMsetup.exe

ZipBitFlag
0

ZipModifyDate
2017:01:01 22:09:02

File identification
MD5 082acca2b81c65988014a4cbdbecb425
SHA1 26705723afb2866e159cbfd2b6498a0f9abbb55c
SHA256 d70f42e30fb9bc2c83c14fbaa40302439d2e9609b18a59dd9a90762228bd6c38
ssdeep
24576:Vv21maZed9QtzYDsNMQPPJqqRa6kRiIz3:4QawG0UPPstRiQ3

File size 792.5 KB ( 811502 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2017-01-03 14:35:15 UTC ( 2 years, 1 month ago )
Last submission 2017-05-04 15:25:41 UTC ( 1 year, 9 months ago )
File names mathomir.zip
956903
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!