× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: de72bdf40d62fc9d9be022d0990bcd73bd2845bacb7d012254c4009c9849b541
File name: SecureMessage.zip
Detection ratio: 8 / 57
Analysis date: 2015-03-16 13:52:10 UTC ( 1 year, 11 months ago ) View latest
Antivirus Result Update
Cyren W32/Zbot.KZ2.gen!Eldorado 20150316
F-Prot W32/Zbot.KZ2.gen!Eldorado 20150316
F-Secure Trojan-Downloader:W32/Dalexis.B 20150316
K7AntiVirus Trojan ( 7000000c1 ) 20150316
K7GW Trojan ( 7000000c1 ) 20150316
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20150316
Sophos Mal/DrodZp-A 20150316
Tencent Win32.Trojan.Inject.Auto 20150316
ALYac 20150316
AVG 20150316
AVware 20150316
Ad-Aware 20150316
AegisLab 20150316
Yandex 20150316
AhnLab-V3 20150316
Alibaba 20150316
Antiy-AVL 20150316
Avast 20150316
Avira (no cloud) 20150316
Baidu-International 20150316
BitDefender 20150316
Bkav 20150314
ByteHero 20150316
CAT-QuickHeal 20150316
CMC 20150316
ClamAV 20150315
Comodo 20150316
DrWeb 20150316
ESET-NOD32 20150316
Emsisoft 20150316
Fortinet 20150316
GData 20150316
Ikarus 20150316
Jiangmin 20150316
Kaspersky 20150316
Kingsoft 20150316
Malwarebytes 20150316
McAfee 20150316
McAfee-GW-Edition 20150316
eScan 20150316
Microsoft 20150316
NANO-Antivirus 20150316
Norman 20150316
Panda 20150316
Rising 20150316
SUPERAntiSpyware 20150315
Symantec 20150316
TheHacker 20150316
TotalDefense 20150316
TrendMicro 20150316
TrendMicro-HouseCall 20150316
VBA32 20150315
VIPRE 20150316
ViRobot 20150316
Zillya 20150316
Zoner 20150316
nProtect 20150316
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
28672
Highest datetime
2015-03-16 22:27:04
Lowest datetime
2015-03-16 22:27:04
Contained files by extension
scr
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0xa6289631

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
28672

ZipCompressedSize
13520

FileTypeExtension
zip

ZipFileName
SecureMessage.scr

ZipBitFlag
0

ZipModifyDate
2015:03:16 22:27:02

File identification
MD5 b96fefd5d73167cb12285f6186fe093d
SHA1 9c3f6c03ba43f369e659aa35d6a45bc8dd7ccdee
SHA256 de72bdf40d62fc9d9be022d0990bcd73bd2845bacb7d012254c4009c9849b541
ssdeep
192:G+/2y1uugwwgZeS5kOHHadg4Vn5R8Aspsw4me06ovYKa2CdnHNdlYmL1WbaVzyB0:GE5FwoHi3VMXpe06oQ7tnHNDYDuXVh

File size 13.4 KB ( 13688 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
contains-pe attachment zip

VirusTotal metadata
First submission 2015-03-16 12:07:52 UTC ( 1 year, 11 months ago )
Last submission 2015-04-08 17:27:53 UTC ( 1 year, 10 months ago )
File names 95c2e776b9e31a35a79c7c862a240fca
2015_03_16_14_37_55.000364
SecureMessage.zip
0fc73f84d1710e0dc5d9ef3c903101c1
db1da92b52ce0ce95b7fd801083aa50b
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!