SHA256: e3d71caa11ad67bc987fe7914d09806cb3c2b6fdc5f643d08e1eb2034b1ca982
File name: 452364e48889f8f164bd83bdfc03f16d.virus
Detection ratio: 27 / 57
Analysis date: 2016-12-02 01:57:07 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Barys.5057 20161202
ALYac Gen:Variant.Barys.5057 20161202
Arcabit Trojan.Barys.D13C1 20161202
Avast Win32:Malware-gen 20161202
AVG Atros4.BCWK 20161202
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9995 20161201
BitDefender Gen:Variant.Barys.5057 20161202
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
Cyren W32/Trojan.MWCC-5468 20161202
Emsisoft Gen:Variant.Barys.5057 (B) 20161202
ESET-NOD32 a variant of MSIL/Kryptik.HSD 20161202
F-Secure Gen:Variant.Barys.5057 20161202
Fortinet W32/Agent.HSD!tr 20161202
GData Gen:Variant.Barys.5057 20161202
Ikarus Trojan.MSIL.Crypt 20161201
Sophos ML backdoor.msil.bladabindi.al 20161202
Kaspersky Trojan.Win32.Agent.neydjp 20161202
McAfee Artemis!452364E48889 20161202
McAfee-GW-Edition BehavesLike.Win32.Generic.hh 20161202
Microsoft Backdoor:MSIL/Bladabindi 20161201
eScan Gen:Variant.Barys.5057 20161202
Panda Trj/GdSda.A 20161201
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20161202
Sophos AV Mal/Generic-S 20161201
Symantec Heur.AdvML.C 20161201
Tencent Win32.Trojan.Bp-autorun.Zclz 20161202
TrendMicro-HouseCall TROJ_GEN.R072H0CL116 20161201
AegisLab 20161202
AhnLab-V3 20161201
Alibaba 20161201
Antiy-AVL 20161202
Avira (no cloud) 20161201
AVware 20161202
Bkav 20161201
CAT-QuickHeal 20161201
ClamAV 20161202
CMC 20161201
Comodo 20161201
DrWeb 20161202
F-Prot 20161202
Jiangmin 20161201
K7AntiVirus 20161201
K7GW 20161202
Kingsoft 20161202
Malwarebytes 20161201
NANO-Antivirus 20161201
nProtect 20161202
Rising 20161202
SUPERAntiSpyware 20161202
TheHacker 20161130
TotalDefense 20161201
TrendMicro 20161202
Trustlook 20161202
VBA32 20161201
VIPRE 20161202
ViRobot 20161201
WhiteArmor 20161125
Yandex 20161201
Zillya 20161201
Zoner 20161201
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2016
Product Mitii
Original name Mitii.exe
Internal name Mitii.exe
File version 3.4.0.0
Description Mitii
Comments Mitii
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-11-30 02:04:00
Entry Point 0x0001D59E
Number of sections 3
.NET details
Module Version ID 6b4849b6-4469-4349-92db-078168ee8798
TypeLib ID b096522c-5d6c-4711-8173-a35007b1f094
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 10
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 14
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments Mitii
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.4.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Mitii
CharacterSet Unicode
InitializedDataSize 430080
EntryPoint 0x1d59e
OriginalFileName Mitii.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2016
FileVersion 3.4.0.0
TimeStamp 2016:11:30 03:04:00+01:00
FileType Win32 EXE
PEType PE32
InternalName Mitii.exe
ProductVersion 3.4.0.0
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Mitii
CodeSize 112128
ProductName Mitii
ProductVersionNumber 3.4.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 3.4.0.0
File identification
MD5 452364e48889f8f164bd83bdfc03f16d
SHA1 3c066bde21372896d8e709e0a6abcd62b4a77a42
SHA256 e3d71caa11ad67bc987fe7914d09806cb3c2b6fdc5f643d08e1eb2034b1ca982
ssdeep 6144:BbB6IEq9izWCqpHtXk123oWK1HEtv0MGvu5hFXRYMAxAbRT2:Bbwi9iRqpHtXk1Tzvu5DR
authentihash 2b9409d4bf2eaf8b1ce8c8bee6bdd005f93ea67c149002408012cfd9563d3c2f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 530.0 KB ( 542720 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags peexe assembly
VirusTotal metadata
First submission 2016-12-02 01:57:07 UTC ( 2 years, 3 months ago )
Last submission 2016-12-02 01:57:07 UTC ( 2 years, 3 months ago )
File names 452364e48889f8f164bd83bdfc03f16d.virus
Mitii.exe