SHA256: e2494fc7eda73ac116a9a07aced0bab23efc6d494dd3f024e45f048b339f7860
File name: myfile.exe
Detection ratio: 52 / 68
Analysis date: 2018-02-22 14:54:19 UTC ( 12 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.6263509 20180222
AegisLab Filerepmalware.Gen!c 20180222
AhnLab-V3 Trojan/Win32.Crypt.C2274027 20180222
ALYac Trojan.GenericKD.6263509 20180222
Arcabit Trojan.Generic.D5F92D5 20180222
Avast Win32:Malware-gen 20180222
AVG Win32:Malware-gen 20180222
Avira (no cloud) TR/Crypt.ZPACK.bwpbo 20180222
AVware Trojan.Win32.Generic.pak!cobra 20180222
BitDefender Trojan.GenericKD.6263509 20180222
CAT-QuickHeal Trojan.IGENERIC 20180222
ClamAV Win.Trojan.Agent-6387733-0 20180222
Comodo UnclassifiedMalware 20180222
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cybereason malicious.f1d633 20180205
Cylance Unsafe 20180222
Cyren W32/Trojan.ZPUS-7738 20180222
DrWeb Trojan.Infospy.16 20180222
Emsisoft Trojan.GenericKD.6263509 (B) 20180222
Endgame malicious (high confidence) 20180216
ESET-NOD32 a variant of Win32/TrojanDropper.Agent.RUB 20180222
Fortinet W32/Agent.RUB!tr 20180222
GData Trojan.GenericKD.6263509 20180222
Ikarus Trojan-Dropper.Win32.Agent 20180222
Sophos ML heuristic 20180121
Jiangmin Trojan.Agentb.cnc 20180222
K7AntiVirus Trojan ( 0051b1261 ) 20180222
K7GW Trojan ( 0051b1261 ) 20180222
Kaspersky Trojan-Dropper.Win32.Agent.sbpq 20180222
Malwarebytes Trojan.MalPack 20180222
MAX malware (ai score=100) 20180222
McAfee Generic!Emotet.c 20180221
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20180222
Microsoft Trojan:Win32/Tiggre!rfn 20180222
eScan Trojan.GenericKD.6263509 20180222
NANO-Antivirus Trojan.Win32.MlwGen.evnquk 20180222
Palo Alto Networks (Known Signatures) generic.ml 20180222
Panda Trj/GdSda.A 20180222
Qihoo-360 Win32/Trojan.BO.5ce 20180222
Rising Dropper.Agent!8.2F (TFE:5:IcgRxeqkLGR) 20180222
Sophos AV Mal/Generic-S 20180222
Symantec Trojan.Gen.2 20180222
Tencent Win32.Trojan.Generic.Eehh 20180222
TrendMicro TROJ_DOWNLOAD.GA 20180222
TrendMicro-HouseCall TROJ_DOWNLOAD.GA 20180222
VBA32 TrojanDropper.Agent 20180222
VIPRE Trojan.Win32.Generic.pak!cobra 20180222
ViRobot Trojan.Win32.Z.Agent.196096.JJ 20180222
Webroot W32.Malware.Gen 20180222
Yandex Trojan.DR.Agent!BZ+DvKSbtWc 20180222
Zillya Dropper.Agent.Win32.281381 20180221
ZoneAlarm by Check Point Trojan-Dropper.Win32.Agent.sbpq 20180222
Alibaba 20180222
Antiy-AVL 20180222
Avast-Mobile 20180221
Baidu 20180208
Bkav 20180212
CMC 20180222
eGambit 20180222
F-Prot 20180222
F-Secure 20180222
Kingsoft 20180222
nProtect 20180222
SentinelOne (Static ML) 20180115
SUPERAntiSpyware 20180221
Symantec Mobile Insight 20180220
TheHacker 20180219
TotalDefense 20180222
Trustlook 20180222
WhiteArmor 20180205
Zoner 20180222
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-29 07:07:22
Entry Point 0x00002198
Number of sections 7
PE sections
PE imports
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
GetConsoleCP
FreeLibrary
QueryPerformanceCounter
IsDebuggerPresent
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
InitializeCriticalSectionEx
RtlUnwind
GetModuleFileNameA
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetFileType
GetConsoleMode
DecodePointer
GetCurrentProcessId
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
HeapSize
SetFilePointerEx
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
InitializeSListHead
GetProcessHeap
SetStdHandle
RaiseException
WideCharToMultiByte
TlsFree
FindFirstFileExA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
FindNextFileA
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetOEMCP
TerminateProcess
CreateEventW
GetModuleHandleExW
IsValidCodePage
OutputDebugStringW
CreateFileW
FindClose
TlsGetValue
SetLastError
TlsSetValue
EncodePointer
GetCurrentThreadId
ExitProcess
WriteConsoleW
LeaveCriticalSection
SysAllocString
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN 2
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
SubsystemVersion 6.0
MachineType Intel 386 or later, and compatibles
TimeStamp 2017:11:29 08:07:22+01:00
FileType Win32 EXE
PEType PE32
CodeSize 57344
LinkerVersion 14.0
FileTypeExtension exe
InitializedDataSize 140800
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x2198
OSVersion 6.0
ImageVersion 0.0
UninitializedDataSize 0
Compressed bundles
File identification
MD5 fa6d16ef1d63330b771bb01d29390281
SHA1 a09dde95a3172f8bca7b9601a2b411e2b78349ed
SHA256 e2494fc7eda73ac116a9a07aced0bab23efc6d494dd3f024e45f048b339f7860
ssdeep
3072:WFbOtbm3l4ixrbHojVjE1gCUancSM7U7V3owv5R0zhK6/K9OcbrPLau/QpUhXASO:Wkid4E1gC/Go3ZL6K6/0ZbrPoV

authentihash 4900e97e070db175c3707d17a21c7a2cc68a38ea380e232d44964a25675e4f67
imphash 1fc0fd40b7d34a4358a9cc16cdc59044
File size 191.5 KB ( 196096 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags peexe
VirusTotal metadata
First submission 2017-11-29 13:53:30 UTC ( 1 year, 2 months ago )
Last submission 2019-01-15 23:30:56 UTC ( 1 month ago )
File names output.114919841.txt
dafhgbr.exe
xqbodge.exe
dafhgbr.exe_
myfile.exe
output.112553327.txt
VirusShare_fa6d16ef1d63330b771bb01d29390281
141_12_28_2017_18_47_52_fsmonoy.exe.malware.MRG
fa6d16ef1d63330b771bb01d29390281.exe
fsmonoy.exe
oypsmht.exe
frmiwkb.exe