× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ef156a52fcdcc8a0bb59c582091d39d39f0e6ce57c3fff5f4269c5edafe9b096
File name: .
Detection ratio: 26 / 70
Analysis date: 2019-01-24 18:04:46 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.DOFV 20190124
ALYac Trojan.Agent.DOFV 20190124
Arcabit Trojan.Agent.DOFV 20190124
Avast Win32:Malware-gen 20190124
AVG Win32:Malware-gen 20190124
BitDefender Trojan.Agent.DOFV 20190124
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20181023
Cylance Unsafe 20190124
DrWeb Trojan.Inject3.12324 20190124
Emsisoft Trojan.Agent.DOFV (B) 20190124
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Injector.EDCX 20190124
F-Secure Trojan.Agent.DOFV 20190124
Fortinet W32/GenKryptik.CXJJ!tr 20190124
GData Trojan.Agent.DOFV 20190124
Sophos ML heuristic 20181128
Kaspersky Trojan-Banker.Win32.IcedID.tohy 20190124
Malwarebytes Trojan.Banker 20190124
MAX malware (ai score=85) 20190124
eScan Trojan.Agent.DOFV 20190124
Qihoo-360 HEUR/QVM03.0.C409.Malware.Gen 20190124
Rising Trojan.GenKryptik!8.AA55 (TFE:dGZlOgM2B+6Xy7uQuQ) 20190124
Symantec ML.Attribute.HighConfidence 20190124
Trapmine malicious.moderate.ml.score 20190123
Webroot W32.Trojan.Gen 20190124
ZoneAlarm by Check Point Trojan-Banker.Win32.IcedID.tohy 20190124
Acronis 20190124
AegisLab 20190124
AhnLab-V3 20190124
Alibaba 20180921
Antiy-AVL 20190124
Avast-Mobile 20190124
Avira (no cloud) 20190124
Babable 20180918
Baidu 20190124
Bkav 20190124
CAT-QuickHeal 20190124
ClamAV 20190124
CMC 20190124
Comodo 20190124
Cyren 20190124
eGambit 20190124
F-Prot 20190124
Ikarus 20190124
Jiangmin 20190124
K7AntiVirus 20190124
K7GW 20190124
Kingsoft 20190124
McAfee 20190124
McAfee-GW-Edition 20190124
Microsoft 20190124
NANO-Antivirus 20190124
Palo Alto Networks (Known Signatures) 20190124
Panda 20190124
SentinelOne (Static ML) 20190124
Sophos AV 20190124
SUPERAntiSpyware 20190123
TACHYON 20190124
Tencent 20190124
TheHacker 20190118
TotalDefense 20190124
TrendMicro 20190124
TrendMicro-HouseCall 20190124
Trustlook 20190124
VBA32 20190124
VIPRE 20190124
ViRobot 20190124
Yandex 20190124
Zillya 20190124
Zoner 20190124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product TimeRemain
Original name TimeRemain.exe
Internal name TimeRemain
File version 1.00.0033
Description take for the progressbar to reach 100%
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-22 02:22:24
Entry Point 0x00001194
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
_CIatan
__vbaGenerateBoundsError
_allmul
__vbaAryUnlock
_adj_fprem
_adj_fpatan
_adj_fdiv_m32i
_adj_fdivr_m64
__vbaSetSystemError
__vbaRedim
DllFunctionCall
__vbaFPException
_adj_fdivr_m16i
__vbaUbound
_adj_fdiv_r
Ord(100)
__vbaAryConstruct2
_adj_fdiv_m64
_CIsin
_CIsqrt
__vbaUI1I2
_CIlog
__vbaAryLock
_CIcos
_adj_fptan
__vbaExceptHandler
__vbaErrorOverflow
__vbaFreeStr
_adj_fdivr_m32i
__vbaAryDestruct
_CIexp
__vbaStrToAnsi
_adj_fprem1
_adj_fdivr_m32
_CItan
_adj_fdiv_m16i
Number of PE resources by type
EXP_CPFIX 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.33

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
take for the progressbar to reach 100%

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
32768

EntryPoint
0x1194

OriginalFileName
TimeRemain.exe

MIMEType
application/octet-stream

FileVersion
1.00.0033

TimeStamp
2019:01:22 03:22:24+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TimeRemain

ProductVersion
1.00.0033

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AIL/TSO

CodeSize
12288

ProductName
TimeRemain

ProductVersionNumber
1.0.0.33

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 39c87fff1b0c3e7e8032341ec4e235f6
SHA1 211b804a5a635fb79a8f5d3aadbe5463aecd8ff4
SHA256 ef156a52fcdcc8a0bb59c582091d39d39f0e6ce57c3fff5f4269c5edafe9b096
ssdeep
768:aBT+rydg8rV32E/i+yy8dw/+dCh02uxx86Cuscy8wrH+rDLy/as:aBToGgYhP+dS02Ihy7yvLySs

authentihash fd08467dce5ce9e84e179b64d1b9ad0be5c17218fe0b7d44fa14ce1c6fb0f6b7
imphash aaa164953a077f774b4dcb1617da0233
File size 48.0 KB ( 49152 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (88.6%)
Win32 Executable (generic) (4.8%)
OS/2 Executable (generic) (2.1%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
Tags
peexe

VirusTotal metadata
First submission 2019-01-24 18:04:46 UTC ( 1 month, 3 weeks ago )
Last submission 2019-01-24 18:04:46 UTC ( 1 month, 3 weeks ago )
File names TimeRemain
TimeRemain.exe
.
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!