SHA256: e6792c6620064bf5c6a69d6d7262c5c97578c55c4fd2e1a75240dc7db6724db7
File name: e6792c6620064bf5c6a69d6d7262c5c97578c55c4fd2e1a75240dc7db6724db7
Detection ratio: 33 / 62
Analysis date: 2017-03-26 02:07:05 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.4644484 20170326
AegisLab Backdoor.W32.Dridex!c 20170326
AhnLab-V3 Malware/Win32.Generic.C1876351 20170325
Arcabit Trojan.Generic.D46DE84 20170326
Avira (no cloud) TR/Crypt.Xpack.uuocs 20170325
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170323
BitDefender Trojan.GenericKD.4644484 20170326
CAT-QuickHeal (Suspicious) - DNAScan 20170325
Comodo Heur.Packed.Unknown 20170325
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170130
Emsisoft Trojan.Dridex (A) 20170326
Endgame malicious (high confidence) 20170317
ESET-NOD32 Win32/Dridex.AX 20170326
F-Secure Trojan.GenericKD.4644484 20170325
Fortinet W32/Dridex.DG!tr.bdr 20170326
GData Trojan.GenericKD.4644484 20170326
Ikarus Win32.Outbreak 20170325
Sophos ML backdoor.win32.drixed.m 20170203
K7GW Trojan ( 004fe5cb1 ) 20170325
Kaspersky Backdoor.Win32.Dridex.dg 20170326
McAfee Artemis!B0091C348E61 20170326
McAfee-GW-Edition BehavesLike.Win32.Trojan.ch 20170326
Microsoft Backdoor:Win32/Drixed 20170326
eScan Trojan.GenericKD.4644484 20170326
Palo Alto Networks (Known Signatures) generic.ml 20170326
Qihoo-360 Win32/Trojan.0e6 20170326
Rising Malware.Generic.2!tfe (thunder:2:UVGCd5hVtAJ) 20170326
SentinelOne (Static ML) static engine - malicious 20170315
Sophos AV Mal/Generic-S 20170326
Symantec Trojan.Gen.2 20170325
Tencent Win32.Backdoor.Dridex.Pald 20170326
Webroot W32.Trojan.Gen 20170326
ZoneAlarm by Check Point Backdoor.Win32.Dridex.dg 20170326
Alibaba 20170325
ALYac 20170325
Antiy-AVL 20170326
Avast 20170326
AVG 20170325
AVware 20170326
Bkav 20170326
ClamAV 20170325
CMC 20170325
Cyren 20170326
DrWeb 20170326
F-Prot 20170326
Jiangmin 20170325
K7AntiVirus 20170325
Kingsoft 20170326
Malwarebytes 20170325
NANO-Antivirus 20170326
nProtect 20170326
Panda 20170325
SUPERAntiSpyware 20170325
Symantec Mobile Insight 20170324
TheHacker 20170321
TotalDefense 20170325
TrendMicro 20170326
TrendMicro-HouseCall 20170326
Trustlook 20170326
VBA32 20170324
VIPRE 20170325
ViRobot 20170326
WhiteArmor 20170315
Yandex 20170323
Zillya 20170323
Zoner 20170326
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-21 15:50:13
Entry Point 0x0000D300
Number of sections 19
PE sections
PE imports
GetComputerNameW
ReadConsoleOutputW
FreeConsole
SetThreadPriorityBoost
GetCommandLineA
GetProcAddress
GetModuleHandleW
StrRStrIA
malloc
getchar
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows command line

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2017:03:21 16:50:13+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
53760

LinkerVersion
4.0

EntryPoint
0xd300

InitializedDataSize
129024

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 b0091c348e617462964b5ddf72d7073c
SHA1 88c141d4f8d1acd2305f24a8d3d056839f980252
SHA256 e6792c6620064bf5c6a69d6d7262c5c97578c55c4fd2e1a75240dc7db6724db7
ssdeep
3072:yItYnpoIqni1yJCHkFVMbEfeL50mRj6wSnlKY4w2rn+quh4:yItJoyJxMbEWtRVLSKxVr0m

authentihash 6ef7ce37d15c2ab6ac58bd79f9d8c5591bf177becef7b414137132d188d90d76
imphash ed9b1c5cbb97a8fe81b826d6f8036071
File size 163.5 KB ( 167424 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (console) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags
peexe

VirusTotal metadata
First submission 2017-03-25 23:56:51 UTC ( 1 year, 11 months ago )
Last submission 2017-03-26 02:07:05 UTC ( 1 year, 11 months ago )