× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f2cee0a320e0db86f72324ae9a88fe4786175cfbbbdb7e8ad51fb9978283754b
File name: 406813
Detection ratio: 0 / 54
Analysis date: 2016-02-09 09:35:05 UTC ( 3 years, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware 20160209
AegisLab 20160209
Yandex 20160206
AhnLab-V3 20160208
Alibaba 20160204
Antiy-AVL 20160209
Arcabit 20160209
Avast 20160209
AVG 20160209
Avira (no cloud) 20160209
Baidu-International 20160209
BitDefender 20160209
Bkav 20160204
ByteHero 20160209
CAT-QuickHeal 20160209
ClamAV 20160209
CMC 20160205
Comodo 20160209
Cyren 20160209
DrWeb 20160209
Emsisoft 20160209
ESET-NOD32 20160209
F-Prot 20160129
F-Secure 20160209
Fortinet 20160209
GData 20160209
Ikarus 20160209
Jiangmin 20160209
K7AntiVirus 20160209
K7GW 20160209
Kaspersky 20160209
Malwarebytes 20160208
McAfee 20160209
McAfee-GW-Edition 20160209
Microsoft 20160209
eScan 20160209
NANO-Antivirus 20160209
nProtect 20160205
Panda 20160208
Qihoo-360 20160209
Rising 20160209
Sophos AV 20160209
SUPERAntiSpyware 20160209
Symantec 20160208
Tencent 20160209
TheHacker 20160208
TotalDefense 20160208
TrendMicro 20160209
TrendMicro-HouseCall 20160209
VBA32 20160208
VIPRE 20160209
ViRobot 20160209
Zillya 20160208
Zoner 20160209
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
3
Uncompressed size
14705317
Highest datetime
2011-04-19 22:23:42
Lowest datetime
2004-10-08 01:31:16
Contained files by extension
gif
1
txt
1
exe
1
Contained files by type
GIF
1
Portable Executable
1
unknown
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x7829885a

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
14698298

ZipCompressedSize
14694924

FileTypeExtension
zip

ZipFileName
install.exe

ZipBitFlag
0

ZipModifyDate
2011:04:19 22:23:42

File identification
MD5 b884137653a880bb38c1199dac4d3f5d
SHA1 433055245d4e188d9121535b15aca9b2ca223b00
SHA256 f2cee0a320e0db86f72324ae9a88fe4786175cfbbbdb7e8ad51fb9978283754b
ssdeep
393216:8WsyRPCC5jDNAerneHmAWx3kOROxMv8Qn:psyRPL5H5rimAU3knPQn

File size 14.0 MB ( 14699244 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID Mozilla Firefox browser extension (61.5%)
ZIP compressed archive (30.7%)
PrintFox/Pagefox bitmap (var. P) (7.6%)
Tags
contains-pe aspack zip

VirusTotal metadata
First submission 2011-11-10 10:59:49 UTC ( 7 years, 4 months ago )
Last submission 2016-06-15 06:26:42 UTC ( 2 years, 9 months ago )
File names file-4300581_zip
zf_506.zip
406813
zf.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!