× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: dca0c8d331189b3dab7117948f862e89b6ab3bf5df920e60ce018dbbc94de7d2
File name: kblock100.zip
Detection ratio: 12 / 56
Analysis date: 2015-02-05 11:51:30 UTC ( 4 years, 1 month ago ) View latest
Antivirus Result Update
ALYac Backdoor.Buttman 20150205
AVware Monitor.Win32.KeyPressHooker 20150205
Comodo UnclassifiedMalware 20150205
Cyren W32/Monitor.DALK-1491 20150205
DrWeb Adware.InstallCore.53 20150205
F-Prot W32/Monitor.AOL 20150205
Kaspersky not-a-virus:Monitor.Win32.KeyPressHooker 20150205
NANO-Antivirus Riskware.Win32.KeyPressHooker.covdj 20150205
Symantec WS.Reputation.1 20150205
TheHacker Aplicacion/KeyPressHooker 20150205
VIPRE Monitor.Win32.KeyPressHooker 20150205
ViRobot Monitor.KeyPressHooker.28160[h] 20150205
Ad-Aware 20150205
AegisLab 20150205
Yandex 20150202
AhnLab-V3 20150204
Alibaba 20150205
Antiy-AVL 20150205
Avast 20150205
AVG 20150205
Avira (no cloud) 20150205
Baidu-International 20150205
BitDefender 20150205
Bkav 20150205
ByteHero 20150205
CAT-QuickHeal 20150204
ClamAV 20150205
CMC 20150205
Emsisoft 20150205
ESET-NOD32 20150205
F-Secure 20150205
Fortinet 20150205
GData 20150205
Ikarus 20150205
K7AntiVirus 20150205
K7GW 20150205
Kingsoft 20150205
Malwarebytes 20150205
McAfee 20150205
McAfee-GW-Edition 20150205
Microsoft 20150205
eScan 20150205
Norman 20150205
nProtect 20150205
Panda 20150205
Qihoo-360 20150205
Rising 20150204
Sophos AV 20150205
SUPERAntiSpyware 20150205
Tencent 20150205
TotalDefense 20150205
TrendMicro 20150205
TrendMicro-HouseCall 20150205
VBA32 20150205
Zillya 20150204
Zoner 20150205
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
3
Uncompressed size
245801
Highest datetime
1999-03-24 01:00:00
Lowest datetime
1999-03-24 01:00:00
Contained files by extension
exe
1
txt
1
dll
1
Contained files by type
Portable Executable
2
unknown
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x46b5eb61

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
1577

ZipCompressedSize
644

FileTypeExtension
zip

ZipFileName
readme.txt

ZipBitFlag
0x0002

ZipModifyDate
1999:03:24 01:00:00

File identification
MD5 d7f1262d9072573fe5b623759cf6a8e3
SHA1 551f7a1fc2d6c157ee58bb359e84eb24e05b3757
SHA256 dca0c8d331189b3dab7117948f862e89b6ab3bf5df920e60ce018dbbc94de7d2
ssdeep
3072:3ZwYv8f477lZ+6g6XWTHhi7KoEqCGzYeT+sYpkNv9eba:3Zt5koW9imoEsAkp9oa

File size 122.3 KB ( 125283 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2009-02-14 16:36:18 UTC ( 10 years, 1 month ago )
Last submission 2019-01-05 16:16:09 UTC ( 2 months, 2 weeks ago )
File names file-6688499_zip
kblock100.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!