× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f33218af28d6a9b12eb1f4b57065676aeac1eb4bb83058565299c0805a044f42
File name: 403880
Detection ratio: 3 / 54
Analysis date: 2016-02-09 10:30:06 UTC ( 3 years, 1 month ago ) View latest
Antivirus Result Update
ESET-NOD32 a variant of Win32/Packed.Themida suspicious 20160209
Ikarus Trojan-Ransom.Win32.Gimemo 20160209
Rising PE:Joke.ArchSMS!6.26A1 [F] 20160209
Ad-Aware 20160209
AegisLab 20160209
Yandex 20160206
AhnLab-V3 20160208
Alibaba 20160204
Antiy-AVL 20160209
Arcabit 20160209
Avast 20160209
AVG 20160209
Avira (no cloud) 20160209
Baidu-International 20160209
BitDefender 20160209
Bkav 20160204
ByteHero 20160209
CAT-QuickHeal 20160209
ClamAV 20160209
CMC 20160205
Comodo 20160209
Cyren 20160209
DrWeb 20160209
Emsisoft 20160209
F-Prot 20160129
F-Secure 20160209
Fortinet 20160209
GData 20160209
Jiangmin 20160209
K7AntiVirus 20160209
K7GW 20160209
Kaspersky 20160209
Malwarebytes 20160209
McAfee 20160209
McAfee-GW-Edition 20160209
Microsoft 20160209
eScan 20160209
NANO-Antivirus 20160209
nProtect 20160205
Panda 20160208
Qihoo-360 20160209
Sophos AV 20160209
SUPERAntiSpyware 20160209
Symantec 20160208
Tencent 20160209
TheHacker 20160208
TotalDefense 20160208
TrendMicro 20160209
TrendMicro-HouseCall 20160209
VBA32 20160208
VIPRE 20160209
ViRobot 20160209
Zillya 20160208
Zoner 20160209
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1088
Uncompressed size
18191708
Highest datetime
2013-12-17 13:16:30
Lowest datetime
2005-09-23 02:49:04
Contained files by extension
h
73
cpp
56
old
55
cs
49
ico
45
sln
39
vb
30
inc
29
res
24
pas
23
dfm
23
ddp
19
dsp
17
rc
17
dsw
17
vm
16
lng
15
dpr
13
cfg
12
bpr
10
~h
9
frm
9
dof
9
vbp
9
vbw
9
htm
8
bas
8
exe
8
dcu
7
pb
5
dll
5
txt
4
suo
4
asm
4
pbi
4
bat
3
d
3
lib
2
gif
2
XML
2
css
1
pdf
1
Contained files by type
unknown
743
directory
158
XML
79
Portable Executable
13
Microsoft Office
4
GIF
2
PDF
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x53fb0434

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
10216448

ZipCompressedSize
10020187

FileTypeExtension
zip

ZipFileName
WinLicense.exe

ZipBitFlag
0

ZipModifyDate
2013:12:17 13:16:30

File identification
MD5 a2123d174cd63f4e35a5d98a33698a7d
SHA1 8e07dbf36a18c4607ef62c58a974b1b9f9f7c8f3
SHA256 f33218af28d6a9b12eb1f4b57065676aeac1eb4bb83058565299c0805a044f42
ssdeep
393216:xbWleCITM1xibvGZn4oVLw32ylUPP6pUvkIoDrBYiv:xbWle7TM1x8GZnPhEblk6pCkISBtv

File size 16.7 MB ( 17468779 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (80.0%)
PrintFox/Pagefox bitmap (var. P) (20.0%)
Tags
contains-pe zip

VirusTotal metadata
First submission 2014-01-06 04:26:35 UTC ( 5 years, 2 months ago )
Last submission 2018-05-25 01:51:24 UTC ( 10 months ago )
File names 403880
WinLicenseDemo.zip
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!