SHA256: deae2d40ec575cd932a39d14d32a50f44fe480f0846bfdddab4f4376ba31d5c5
File name: MarbleDrop_LifeSupport.zip
Detection ratio: 17 / 60
Analysis date: 2018-08-20 21:53:42 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Antiy-AVL Trojan/Win32.BTSGeneric 20180820
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9981 20180820
CAT-QuickHeal Trojan.AgentCS.S29823 20180820
Cylance Unsafe 20180820
Cyren W32/Trojan.SYGE-6877 20180820
ESET-NOD32 a variant of Win32/CMDOW.A potentially unsafe 20180820
GData Archive.Trojan.Agent.9E3QB8 20180820
Jiangmin RiskTool.Cmdow.a 20180820
Kaspersky not-a-virus:RiskTool.Win32.Cmdow.a 20180820
McAfee Artemis!CEDADD25574E 20180820
Microsoft PUA:Win32/Presenoker 20180820
NANO-Antivirus Trojan.Win32.Cmdow.dmjuol 20180820
Rising Trojan.Win32.Generic.17FDB432 (C64:YzY0Ohs14l4EXRZK) 20180820
Sophos AV Generic PUA AI (PUA) 20180820
VIPRE SecurityRisk.Cmdow (not malicious) 20180820
Yandex Riskware.Agent! 20180820
ZoneAlarm by Check Point not-a-virus:RiskTool.Win32.Cmdow.a 20180820
Ad-Aware 20180820
AegisLab 20180820
AhnLab-V3 20180820
Alibaba 20180713
ALYac 20180820
Arcabit 20180820
Avast 20180820
Avast-Mobile 20180820
AVG 20180820
Avira (no cloud) 20180820
AVware 20180820
Babable 20180725
BitDefender 20180820
Bkav 20180820
ClamAV 20180820
CMC 20180817
Comodo 20180820
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
DrWeb 20180820
eGambit 20180820
Emsisoft 20180820
Endgame 20180730
F-Prot 20180820
F-Secure 20180820
Fortinet 20180820
Ikarus 20180820
Sophos ML 20180717
K7AntiVirus 20180820
K7GW 20180820
Kingsoft 20180820
Malwarebytes 20180820
MAX 20180820
McAfee-GW-Edition 20180820
eScan 20180820
Palo Alto Networks (Known Signatures) 20180820
Panda 20180820
Qihoo-360 20180820
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180820
Symantec 20180820
Symantec Mobile Insight 20180814
TACHYON 20180820
Tencent 20180820
TheHacker 20180818
TrendMicro 20180820
TrendMicro-HouseCall 20180820
Trustlook 20180820
VBA32 20180820
ViRobot 20180820
Webroot 20180820
Zillya 20180820
Zoner 20180819
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files: 3
Uncompressed size: 90714
Highest datetime: 2017-05-30 13:18:00
Lowest datetime: 2016-10-23 22:54:50
Contained files by extension
bat: 1
exe: 1
reg: 1
Contained files by type
unknown: 2
Portable Executable: 1
ExifTool file metadata
MIMEType: application/zip
ZipRequiredVersion: 20
ZipCRC: 0xa0905b72
FileType: ZIP
ZipCompression: Deflated
ZipUncompressedSize: 88576
ZipCompressedSize: 35966
FileTypeExtension: zip
ZipFileName: cmdow.exe
ZipBitFlag: 0
ZipModifyDate: 2016:10:23 22:54:50

File identification
MD5 cedadd25574e06a4eabcf02c5732c8fb
SHA1 08363c9e0806326efb2c1802c5460f1c3ad14ffa
SHA256 deae2d40ec575cd932a39d14d32a50f44fe480f0846bfdddab4f4376ba31d5c5
ssdeep 768:HHVEnoT/qMqDYNtesf7TAX3wJvfMFdBSebm6CCX+EyQJYKMVuDeWey:HscLXYXAJHqBSey6CCMQWZ8DeWey
File size 36.0 KB ( 36914 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract
TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2017-11-06 00:25:26 UTC ( 11 months, 2 weeks ago )
Last submission 2017-11-06 00:25:26 UTC ( 11 months, 2 weeks ago )
File names MarbleDrop_LifeSupport.zip