SHA256: da527c0a3ea325edae7989eb6f21690ebabeb89f4a3641b6416bae8650b3747c
File name: c8823c70b525ccf89afa20522ffd0a50.virus
Detection ratio: 26 / 58
Analysis date: 2016-09-07 22:30:37 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Antiy-AVL Trojan/Win32.TSGeneric 20160907
Avast Win32:Malware-gen 20160907
AVG PSW.MSIL.PCT 20160907
Avira (no cloud) TR/Spy.Gen 20160907
AVware Trojan.Win32.Generic!BT 20160907
CAT-QuickHeal Trojan.Scar.g4 20160907
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
DrWeb Trojan.DownLoader11.8562 20160907
ESET-NOD32 a variant of MSIL/PSW.Agent.OHH 20160907
Fortinet W32/Scar.JZFO!tr 20160907
GData Win32.Trojan.Agent.G938UH 20160907
Jiangmin Trojan/Scar.bmeu 20160907
K7AntiVirus Trojan ( 700000121 ) 20160907
K7GW Trojan ( 700000121 ) 20160907
Kaspersky Trojan.Win32.Scar.jzfo 20160907
Kingsoft Win32.Troj.Generic.a.(kcloud) 20160907
McAfee Artemis!C8823C70B525 20160907
McAfee-GW-Edition Artemis 20160907
Microsoft Trojan:Win32/Dynamer!ac 20160907
NANO-Antivirus Trojan.Win32.DownLoader11.ebyuss 20160907
Panda Generic Suspicious 20160907
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20160907
Tencent Win32.Trojan.Scar.Szla 20160907
VIPRE Trojan.Win32.Generic!BT 20160907
Yandex Trojan.Agent!+Mh/Kwpf2wc 20160907
Zillya Trojan.Agent.Win32.479853 20160907
Ad-Aware 20160907
AegisLab 20160907
AhnLab-V3 20160907
Alibaba 20160907
ALYac 20160907
Arcabit 20160907
Baidu 20160907
BitDefender 20160907
Bkav 20160907
ClamAV 20160907
CMC 20160907
Comodo 20160907
Cyren 20160907
Emsisoft 20160907
F-Prot 20160907
F-Secure 20160907
Ikarus 20160907
Sophos ML 20160830
Malwarebytes 20160907
eScan 20160907
nProtect 20160907
Rising 20160907
Sophos AV 20160907
SUPERAntiSpyware 20160907
Symantec 20160907
TheHacker 20160905
TotalDefense 20160907
TrendMicro 20160907
TrendMicro-HouseCall 20160907
VBA32 20160907
ViRobot 20160907
Zoner 20160907
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Microsoft Windows
Product Microsoft Windows
Original name Microsoft Windows.exe
Internal name Microsoft Windows.exe
File version 4.42.0.0
Description Microsoft Windows
Comments Microsoft Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-08-18 22:00:34
Entry Point 0x002517DE
Number of sections 4
.NET details
Module Version ID 97b30dc8-1113-46a8-a6b5-759198784559
TypeLib ID ee4b2280-f494-4860-9202-aaffe102bcd3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
Debug information
ExifTool file metadata
LegalTrademarks Microsoft Windows
SubsystemVersion 4.0
Comments Microsoft Windows
LinkerVersion 11.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.42.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Microsoft Windows
CharacterSet Unicode
InitializedDataSize 54784
EntryPoint 0x2517de
OriginalFileName Microsoft Windows.exe
MIMEType application/octet-stream
LegalCopyright Microsoft Windows
FileVersion 4.42.0.0
TimeStamp 2013:08:18 23:00:34+01:00
FileType Win32 EXE
PEType PE32
InternalName Microsoft Windows.exe
ProductVersion 4.42.0.0
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Windows
CodeSize 2422784
ProductName Microsoft Windows
ProductVersionNumber 4.42.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 4.42.0.0

File identification
MD5 c8823c70b525ccf89afa20522ffd0a50
SHA1 e879b2db1a82bc7124a6796e2b4fa1e94fa0a044
SHA256 da527c0a3ea325edae7989eb6f21690ebabeb89f4a3641b6416bae8650b3747c
ssdeep 49152:FvNExXU8Jyj8omBwDeTuHHE/jP0/HR0Dl3ruZCL9ekaXN8UIdJVy4ExVbPY2f:FNENhkvfF4c/H4l7CdxY
authentihash 73c9d2ad938550835a7d2863eb6323e8b2cf48834bb44b07b073da1905d36d5b
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 2.4 MB ( 2478592 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (55.8%)
Win64 Executable (generic) (21.0%)
Windows screen saver (9.9%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags peexe assembly
VirusTotal metadata
First submission 2016-09-07 22:30:37 UTC ( 2 years, 5 months ago )
Last submission 2016-09-07 22:30:37 UTC ( 2 years, 5 months ago )
File names Microsoft Windows.exe
c8823c70b525ccf89afa20522ffd0a50.virus