SHA256: eb2ba9d47c3a3c0120738069bc146de637497b60ab0d4152e582d80c136f1d68
File name: MyLogerMailEnd.exe
Detection ratio: 46 / 56
Analysis date: 2016-11-30 23:45:17 UTC ( 4 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.434187 20161130
AegisLab Troj.W32.Generic!c 20161130
ALYac Gen:Variant.Kazy.434187 20161130
Antiy-AVL Trojan[:HEUR]/Win32.Unknown 20161130
Arcabit Trojan.Kazy.D6A00B 20161130
Avast Win32:Malware-gen 20161130
AVG PSW.ILSpy 20161130
Avira (no cloud) TR/Spy.Gen 20161130
AVware Trojan.Win32.Generic!BT 20161130
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20161130
BitDefender Gen:Variant.Kazy.434187 20161130
Bkav W32.LogalicY.Trojan 20161130
ClamAV Win.Trojan.Agent-394251 20161130
Comodo UnclassifiedMalware 20161130
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20161024
Cyren W32/GenBl.7D867D6B!Olympus 20161130
DrWeb Trojan.MulDrop3.15906 20161130
Emsisoft Gen:Variant.Kazy.434187 (B) 20161130
ESET-NOD32 MSIL/Agent.NOG 20161130
F-Secure Gen:Variant.Kazy.434187 20161130
Fortinet MSIL/Generic.DN.11AA0D!tr 20161201
GData Gen:Variant.Kazy.434187 20161201
Ikarus Trojan.MSIL.Spy 20161130
Invincea backdoor.msil.dalatar.a 20161128
Jiangmin Trojan/Generic.apwzv 20161130
K7AntiVirus Backdoor ( 04c4d2ae1 ) 20161130
K7GW Backdoor ( 04c4d2ae1 ) 20161201
Kaspersky HEUR:Trojan.Win32.Generic 20161201
Kingsoft Win32.Troj.Undef.(kcloud) 20161201
Malwarebytes Trojan.Injector 20161130
McAfee RDN/Generic PWS.y 20161201
McAfee-GW-Edition RDN/Generic PWS.y 20161130
Microsoft Trojan:Win32/Skeeyah.A!rfn 20161201
eScan Gen:Variant.Kazy.434187 20161201
NANO-Antivirus Trojan.Win32.MulDrop3.dkjuui 20161130
Qihoo-360 Win32/Trojan.e6d 20161201
Rising Trojan.Generic-XlIn1VYN9cC (cloud) 20161130
Sophos Mal/MSIL-AV 20161201
Tencent Win32.Trojan.Spy.Akpi 20161201
TheHacker Trojan/Agent.nog 20161130
TrendMicro TROJ_MSIL.AXA 20161201
TrendMicro-HouseCall TROJ_MSIL.AXA 20161130
VIPRE Trojan.Win32.Generic!BT 20161130
ViRobot Trojan.Win32.S.Agent.34304.L[h] 20161130
Yandex Trojan.Agent!qv0DUzQJvlo 20161128
Zillya Trojan.Agent.Win32.313572 20161130
AhnLab-V3 20161130
Alibaba 20161130
CAT-QuickHeal 20161130
CMC 20161130
F-Prot 20161201
nProtect 20161130
Panda 20161130
SUPERAntiSpyware 20161130
Symantec 20161130
Trustlook 20161201
VBA32 20161130
WhiteArmor 20161125
Zoner 20161130
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2012
Product MyLogerMailEnd
Original name MyLogerMailEnd.exe
Internal name MyLogerMailEnd.exe
File version 1.0.0.0
Description MyLogerMailEnd
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-04-11 03:36:51
Entry Point 0x0000902E
Number of sections 4
.NET details
Module Version ID b5a1aa22-2e17-4024-864c-f0201f23a7ab
TypeLib ID 1fb2c7ea-d7d1-4a20-8c90-aae8f3effdf8
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.0.0.0
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 4096
EntryPoint 0x902e
OriginalFileName MyLogerMailEnd.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2012
FileVersion 1.0.0.0
TimeStamp 2012:04:11 04:36:51+01:00
FileType Win32 EXE
PEType PE32
InternalName MyLogerMailEnd.exe
ProductVersion 1.0.0.0
FileDescription MyLogerMailEnd
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CodeSize 29184
ProductName MyLogerMailEnd
ProductVersionNumber 1.0.0.0
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.0.0.0
File identification
MD5 7d867d6bd5fc3015a31fdfa121ba9187
SHA1 c83478bc431e936f36919c59103bd6ba845c8060
SHA256 eb2ba9d47c3a3c0120738069bc146de637497b60ab0d4152e582d80c136f1d68
ssdeep 768:AWGVCut7YGTQijWaqL0bZ02XPkz1zcyWg:AW1utFNqL0W2fkz1z/
authentihash 84d567c55a9160e7007a440967c2b322b5a80e59e16b29cf51bd4a00ba6452b9
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 33.5 KB ( 34304 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (55.8%)
Win64 Executable (generic) (21.0%)
Windows screen saver (9.9%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags peexe assembly
VirusTotal metadata
First submission 2012-04-11 11:36:15 UTC ( 5 years ago )
Last submission 2016-11-30 23:45:17 UTC ( 4 months, 3 weeks ago )
File names test.bin
MyLogerMailEnd.exe
1.exe
eb2ba9d47c3a3c0120738069bc146de637497b60ab0d4152e582d80c136f1d68
eb2ba9d47c3a3c0120738069bc146de637497b60ab0d4152e582d80c136f1d68
FacebookWebBrowser.ex
FacebookWebBrowser.exe
FacebookWebBrowser.exe
FacebookWebBrowser.exe
db826caa-6c93-40fa-ab76-6bd1b9b246c9
7d867d6bd5fc3015a31fdfa121ba9187.virus
eb2ba9d47c3a3c0120738069bc146de637497b60ab0d4152e582d80c136f1d68-2
7d867d6bd5fc3015a31fdfa121ba9187.exe
10.exe
7D867D6BD5FC3015A31FDFA121BA9187
eb2ba9d47c3a3c0120738069bc146de637497b60ab0d4152e582d80c136f1d68.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight