× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ef8831ba091a5ed2dc097645337f3fff8240f837ffd8ee6c7292ea79f6f10c38
File name: 49842
Detection ratio: 0 / 54
Analysis date: 2016-02-08 15:13:02 UTC ( 3 years ago ) View latest
Antivirus Result Update
Ad-Aware 20160208
AegisLab 20160208
Yandex 20160206
AhnLab-V3 20160208
Alibaba 20160204
Antiy-AVL 20160208
Arcabit 20160208
Avast 20160208
AVG 20160208
Avira (no cloud) 20160208
Baidu-International 20160208
BitDefender 20160208
Bkav 20160204
ByteHero 20160208
CAT-QuickHeal 20160208
ClamAV 20160206
CMC 20160205
Comodo 20160208
Cyren 20160208
DrWeb 20160208
Emsisoft 20160208
ESET-NOD32 20160208
F-Prot 20160129
F-Secure 20160208
Fortinet 20160208
GData 20160208
Ikarus 20160208
Jiangmin 20160208
K7AntiVirus 20160208
K7GW 20160208
Kaspersky 20160208
Malwarebytes 20160208
McAfee 20160208
McAfee-GW-Edition 20160208
Microsoft 20160208
eScan 20160208
NANO-Antivirus 20160208
nProtect 20160205
Panda 20160207
Qihoo-360 20160208
Rising 20160208
Sophos AV 20160208
SUPERAntiSpyware 20160208
Symantec 20160207
Tencent 20160208
TheHacker 20160206
TotalDefense 20160208
TrendMicro 20160208
TrendMicro-HouseCall 20160208
VBA32 20160208
VIPRE 20160208
ViRobot 20160208
Zillya 20160208
Zoner 20160208
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
2
Uncompressed size
488577
Highest datetime
2009-11-01 22:17:10
Lowest datetime
2009-11-01 21:58:34
Contained files by extension
txt
1
exe
1
Contained files by type
unknown
1
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x7cc37d3e

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
5743

ZipCompressedSize
1854

FileTypeExtension
zip

ZipFileName
Readme.txt

ZipBitFlag
0

ZipModifyDate
2009:11:01 21:58:34

Execution parents
File identification
MD5 62de631d200cce9f7d57cec740e9e88f
SHA1 a25c6dbdf6fa4028d35e27ce27496bcfab141354
SHA256 ef8831ba091a5ed2dc097645337f3fff8240f837ffd8ee6c7292ea79f6f10c38
ssdeep
12288:CGmJoHTo3k6/bD/o+UAmmi1vwOWdEGMGy:CGEeTD6wxZ7GMp

File size 450.3 KB ( 461144 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2010-03-31 19:43:18 UTC ( 8 years, 10 months ago )
Last submission 2016-12-14 14:30:38 UTC ( 2 years, 2 months ago )
File names 1283694122-portmarshaller.zip
portmarshaller.zip
49842
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!