SHA256: e75d566bd4a0a406dec711e1d1b21bd47194d46dfb2bde4f9761a06d4557bd87
File name: gMxKrsC5yYKiVQR4Lr.exe
Detection ratio: 13 / 64
Analysis date: 2018-03-22 21:34:28 UTC ( 11 months ago )
Antivirus Result Update
Avast FileRepMalware 20180322
AVG FileRepMalware 20180322
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180322
Bkav HW32.Packed.8007 20180322
Cylance Unsafe 20180322
eGambit Unsafe.AI_Score_90% 20180322
Endgame malicious (high confidence) 20180316
Fortinet W32/Kryptik.GDRZ!tr 20180322
Sophos ML heuristic 20180121
Palo Alto Networks (Known Signatures) generic.ml 20180322
Qihoo-360 HEUR/QVM20.1.0051.Malware.Gen 20180322
Sophos AV Mal/EncPk-ANR 20180322
Symantec ML.Attribute.HighConfidence 20180322
Ad-Aware 20180322
AegisLab 20180322
AhnLab-V3 20180322
Alibaba 20180322
ALYac 20180322
Antiy-AVL 20180322
Arcabit 20180322
Avast-Mobile 20180322
Avira (no cloud) 20180322
AVware 20180322
BitDefender 20180322
CAT-QuickHeal 20180322
ClamAV 20180322
CMC 20180322
Comodo 20180322
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cyren 20180322
DrWeb 20180322
Emsisoft 20180322
ESET-NOD32 20180322
F-Prot 20180322
F-Secure 20180322
GData 20180322
Ikarus 20180322
Jiangmin 20180322
K7AntiVirus 20180322
K7GW 20180322
Kaspersky 20180322
Kingsoft 20180322
Malwarebytes 20180322
MAX 20180322
McAfee 20180322
McAfee-GW-Edition 20180322
Microsoft 20180322
eScan 20180322
NANO-Antivirus 20180322
nProtect 20180322
Panda 20180322
Rising 20180322
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180322
Symantec Mobile Insight 20180311
Tencent 20180322
TheHacker 20180319
TotalDefense 20180322
TrendMicro 20180322
TrendMicro-HouseCall 20180322
Trustlook 20180322
VBA32 20180322
VIPRE 20180322
ViRobot 20180322
Webroot 20180322
WhiteArmor 20180223
Yandex 20180322
Zillya 20180322
ZoneAlarm by Check Point 20180322
Zoner 20180322
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1994-02-10 08:45:25
Entry Point 0x00005000
Number of sections 6
PE sections
PE imports
JetDelete
LocalFree
GetTimeZoneInformation
LocalAlloc
lstrlenA
GetNLSVersionEx
GetCommandLineA
GetNumberOfConsoleMouseButtons
GetUserDefaultLangID
VarCyInt
IsCharSpaceA
SetCapture
AnyPopup
TileWindows
IsWindowUnicode
DdeConnect
ChangeClipboardChain
MonitorFromWindow
GetThreadDesktop
DeleteMenu
Number of PE resources by type
RT_ICON 11
RT_STRING 2
RT_BITMAP 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 13
NEUTRAL 3
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 1994:02:10 00:45:25-08:00
FileType Win32 EXE
PEType PE32
CodeSize 1
LinkerVersion 11.8
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x5000
InitializedDataSize 113664
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 4096

File identification
MD5 e966add30e4ad74713430363ca8d0383
SHA1 cfdd0726a9d37032e47f0f6926eb11eb5cbb7490
SHA256 e75d566bd4a0a406dec711e1d1b21bd47194d46dfb2bde4f9761a06d4557bd87
ssdeep 3072:Mco97e/zu4vm6iAOigRi3t5dFuFTWUwtgew/+:27e/zu4iZ6HUJew
authentihash 1ac4f4161a51994baedb081af3b15b844fa850f43a9e1080103920fd3e8819a1
imphash 128f5d286f95e7a41ac60c8d98153f66
File size 123.5 KB ( 126464 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2018-03-22 21:34:28 UTC ( 11 months ago )
Last submission 2018-05-19 17:46:07 UTC ( 9 months, 1 week ago )
File names fixextractor.exe
5566.exe
11808.exe
gMxKrsC5yYKiVQR4Lr.exe