SHA256: ec8c245a3b3f0573cfebf2dc9eacdade095433440b8a60b84556324c99d12850
File name: PaymentReceipt.jpg
Detection ratio: 21 / 70
Analysis date: 2019-03-05 16:39:48 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
Acronis suspicious 20190222
Avast FileRepMalware 20190305
AVG FileRepMalware 20190305
CrowdStrike Falcon (ML) win/malicious_confidence_100% (D) 20190212
Cylance Unsafe 20190305
Endgame malicious (high confidence) 20190215
ESET-NOD32 a variant of MSIL/GenKryptik.DBNT 20190305
Sophos ML heuristic 20181128
Kaspersky HEUR:Backdoor.MSIL.Androm.gen 20190305
Malwarebytes Spyware.PasswordStealer.MSIL.Generic 20190305
McAfee-GW-Edition BehavesLike.Win32.Generic.fc 20190305
Microsoft Trojan:Win32/Fuery.C!cl 20190305
Palo Alto Networks (Known Signatures) generic.ml 20190305
Panda Trj/Genetic.gen 20190303
Qihoo-360 HEUR/QVM03.0.A4B7.Malware.Gen 20190305
SentinelOne (Static ML) static engine - malicious 20190203
Symantec ML.Attribute.HighConfidence 20190305
Trapmine malicious.high.ml.score 20190301
TrendMicro BKDR_HPBLADABINDI.SMZ 20190305
TrendMicro-HouseCall BKDR_HPBLADABINDI.SMZ 20190305
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20190305
Ad-Aware 20190305
AegisLab 20190305
AhnLab-V3 20190305
Alibaba 20180921
ALYac 20190305
Antiy-AVL 20190305
Arcabit 20190305
Avast-Mobile 20190305
Avira (no cloud) 20190305
Babable 20180918
Baidu 20190215
BitDefender 20190305
Bkav 20190304
CAT-QuickHeal 20190304
ClamAV 20190305
CMC 20190305
Comodo 20190305
Cybereason 20190109
Cyren 20190305
DrWeb 20190305
eGambit 20190305
Emsisoft 20190305
F-Prot 20190305
F-Secure 20190305
Fortinet 20190305
GData 20190305
Ikarus 20190305
Jiangmin 20190305
K7AntiVirus 20190304
K7GW 20190305
Kingsoft 20190305
MAX 20190305
McAfee 20190305
eScan 20190305
NANO-Antivirus 20190305
Rising 20190305
Sophos AV 20190305
SUPERAntiSpyware 20190227
Symantec Mobile Insight 20190220
TACHYON 20190305
Tencent 20190305
TheHacker 20190304
TotalDefense 20190305
Trustlook 20190305
VBA32 20190305
ViRobot 20190305
Webroot 20190305
Yandex 20190301
Zillya 20190304
Zoner 20190305
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018 HAVASI SERV CONSTRUCT SRL

Product Access Web Datasheet Component
Original name Payment Receipt.exe
Internal name Payment Receipt.exe
File version 2.8.20.1
Description Access Web Datasheet Component
Comments emulilopotosis
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1989-09-01 11:03:29
Entry Point 0x0006155E
Number of sections 3
.NET details
Module Version ID b2dddf1a-040e-4a46-8613-64e72b8b6bf0
TypeLib ID 4291541b-ffa7-4ec5-b919-140646191cbe
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
emulilopotosis

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.8.20.1

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Access Web Datasheet Component

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
2560

EntryPoint
0x6155e

OriginalFileName
Payment Receipt.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018 HAVASI SERV CONSTRUCT SRL

FileVersion
2.8.20.1

TimeStamp
1989:09:01 13:03:29+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Payment Receipt.exe

ProductVersion
2.8.20.1

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
HAVASI SERV CONSTRUCT SRL

CodeSize
390656

ProductName
Access Web Datasheet Component

ProductVersionNumber
2.8.20.1

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 a781514cec65f2ff8c6f96cd0904391b
SHA1 0cf7af5f355e700690e0a02afa73a20c8db6d545
SHA256 ec8c245a3b3f0573cfebf2dc9eacdade095433440b8a60b84556324c99d12850
ssdeep
6144:UEUKf2RgiqmANcgVDuLRmOSGVJemXikfcYv56Irrs62Bnt2q0h:rUKf2laDuF5zXbkU5d2BnC

authentihash cbbbb30037e21ebc449abd750bb68c27d0cd4ead3d2984fcef0e30603cf82549
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 384.5 KB ( 393728 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2019-03-05 16:39:48 UTC ( 2 months, 3 weeks ago )
Last submission 2019-03-05 16:39:48 UTC ( 2 months, 3 weeks ago )
File names PaymentReceipt.jpg
Payment Receipt.exe