SHA256: d99339d3dc6891cdd832754c5739640c62cd229c84e04e9e3cad743c6f66b1b9
File name: Backdoor.Ploutus.B
Detection ratio: 10 / 47
Analysis date: 2013-10-27 11:26:58 UTC (5 years, 4 months ago)
Antivirus Result Update
AntiVir TR/Dropper.MSIL.Gen 20131027
Comodo UnclassifiedMalware 20131027
Ikarus Win32.SuspectCrc 20131027
K7GW Backdoor 20131025
McAfee Artemis!ECA2CA8ECF63 20131027
McAfee-GW-Edition Artemis!ECA2CA8ECF63 20131027
Norman Obfuscated.gen!r 20131027
Panda Suspicious file 20131026
Symantec Backdoor.Ploutus.B 20131027
TrendMicro-HouseCall TROJ_GEN.R047H07JO13 20131027
Yandex 20131026
AhnLab-V3 20131026
Antiy-AVL 20131027
Avast 20131027
AVG 20131027
Baidu-International 20131027
BitDefender 20090218
Bkav 20131025
ByteHero 20131024
CAT-QuickHeal 20131026
ClamAV 20131027
Commtouch 20131027
DrWeb 20131027
Emsisoft 20131027
ESET-NOD32 20131027
F-Prot 20131027
F-Secure 20131027
Fortinet 20131027
GData 20131027
Jiangmin 20131027
K7AntiVirus 20131025
Kaspersky 20131027
Kingsoft 20130829
Malwarebytes 20131027
Microsoft 20131027
eScan 20131026
NANO-Antivirus 20131027
nProtect 20131027
Rising 20131025
Sophos AV 20131027
SUPERAntiSpyware 20131026
TheHacker 20131025
TotalDefense 20131025
TrendMicro 20131027
VBA32 20131026
VIPRE 20131027
ViRobot 20131026
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © Ploutos 2013
Product Ploutos
Original name Ploutos.exe
Internal name Ploutos.exe
File version 1.0.0.0
Description Ploutos
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-24 07:09:14
Entry Point 0x0000944E
Number of sections 3
.NET details
Module Version ID b943871a-96c9-53f0-1673-9625474d13a6
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 2048
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
LinkerVersion 8.0
EntryPoint 0x944e
OriginalFileName Ploutos.exe
MIMEType application/octet-stream
LegalCopyright Copyright Ploutos 2013
FileVersion 1.0.0.0
TimeStamp 2013:07:24 08:09:14+01:00
FileType Win32 EXE
PEType PE32
InternalName Ploutos.exe
ProductVersion 1.0.0.0
FileDescription Ploutos
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Ploutos
CodeSize 30208
ProductName Ploutos
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0

File identification
MD5 eca2ca8ecf63816d9a157888e3d871dc
SHA1 b0b13b336ee8770bb2a90fb1292fd9dcabd046f4
SHA256 d99339d3dc6891cdd832754c5739640c62cd229c84e04e9e3cad743c6f66b1b9
ssdeep 384:ACXjFamIABP7KOAOFoP3U+jrT8nqWn/igMaTdrbN1mMZKzYoDFYhDMIT:JjuAd78rT8qGTdxfNpopYt
authentihash de820fb07b19905a6699d1234ad792aad03bad97214a94e2d0e6cf5fc6b4f274
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 32.0 KB (32768 bytes)
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags peexe assembly

VirusTotal metadata
First submission 2013-10-24 16:07:19 UTC (5 years, 4 months ago)
Last submission 2018-05-19 15:25:27 UTC (10 months ago)
File names Backdoor.Ploutus.B
pulsar.bin
pulsar.exe
ploutos.exe
eca2ca8ecf63816d9a157888e3d871dc.vir
vti-rescan
BCKPLTSB.exe
b0b13b336ee8770bb2a90fb1292fd9dcabd046f4_Ploutus.ex
d99339d3dc6891cdd832754c5739640c62cd229c84e04e9e3cad743c6f66b1b9 (1).bin
ECA2CA8ECF63816D9A157888E3D871DC.exe
PlotusB.-guram@korovka.pro.exe
d99339d3dc6891cdd832754c5739640c62cd229c84e04e9e3cad743c6f66b1b9.exe
d99339d3dc6891cdd832754c5739640c62cd229c84e04e9e3cad743c6f66b1b9.bin
eca2ca8ecf63816d9a157888e3d871dc.exe
VIRII.0000207.exe
Backdoor.Ploutus.B.exe
eca2ca8ecf63816d9a157888e3d871dc
b0b13b336ee8770bb2a90fb1292fd9dcabd046f4_Ploutos.ex
1234543.bin
Ploutos.exe
5429
Ploutus.B.exe
Advanced heuristic and reputation engines