SHA256: f87dfa59f6ac2592ae76b43d8ed1e3f9513e639acaf0c337ae6d3e4b131a0171
File name: zbetcheckin_tracker_we.exe
Detection ratio: 17 / 67
Analysis date: 2019-04-09 05:28:29 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190409
AVG FileRepMalware 20190409
CrowdStrike Falcon (ML) win/malicious_confidence_90% (D) 20190212
Cybereason malicious.2b2a03 20190403
Cyren W32/Trojan.SW.gen!Eldorado 20190409
Endgame malicious (high confidence) 20190403
ESET-NOD32 a variant of MSIL/Kryptik.RHZ 20190409
FireEye Generic.mg.f297b476761c3cbc 20190409
Fortinet MSIL/Kryptik.RHZ!tr 20190409
Sophos ML heuristic 20190313
Kaspersky UDS:DangerousObject.Multi.Generic 20190409
McAfee-GW-Edition BehavesLike.Win32.Generic.gc 20190409
Palo Alto Networks (Known Signatures) generic.ml 20190409
Qihoo-360 HEUR/QVM03.0.6705.Malware.Gen 20190409
SentinelOne (Static ML) DFI - Suspicious PE 20190407
Trapmine malicious.high.ml.score 20190325
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20190409
Ad-Aware 20190409
AegisLab 20190409
AhnLab-V3 20190408
Alibaba 20190402
ALYac 20190409
Antiy-AVL 20190409
Arcabit 20190409
Avast 20190409
Avast-Mobile 20190408
Avira (no cloud) 20190408
Babable 20180918
Baidu 20190318
BitDefender 20190409
Bkav 20190408
CAT-QuickHeal 20190407
ClamAV 20190408
CMC 20190321
Comodo 20190409
DrWeb 20190409
eGambit 20190409
Emsisoft 20190409
F-Secure 20190408
GData 20190409
Ikarus 20190408
Jiangmin 20190409
K7AntiVirus 20190408
K7GW 20190409
Kingsoft 20190409
Malwarebytes 20190409
MAX 20190409
McAfee 20190409
Microsoft 20190409
eScan 20190409
NANO-Antivirus 20190409
Panda 20190408
Rising 20190409
Sophos AV 20190409
SUPERAntiSpyware 20190404
Symantec Mobile Insight 20190408
TACHYON 20190409
Tencent 20190409
TheHacker 20190405
TotalDefense 20190408
TrendMicro-HouseCall 20190409
Trustlook 20190409
VBA32 20190408
VIPRE 20190409
ViRobot 20190409
Yandex 20190408
Zillya 20190408
Zoner 20190409
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2009
Product qZFFV3+Hw9sRIPgoc8MgJHDv
Original name yy8.exe
Internal name yy8.exe
File version 2.3.4.5
Description qZFFV3+Hw9sRIPgoc8MgJHDv
Comments A0rTlkv0aKmWOXrH1GoR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-01-07 14:59:18
Entry Point 0x0007BA1E
Number of sections 3
.NET details
Module Version ID 99c3d12e-2809-4bc8-b2ef-9596626bb3c9
TypeLib ID 9b9fb625-d6dd-4770-b669-bbc03aed34e7
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments A0rTlkv0aKmWOXrH1GoR
InitializedDataSize 2048
ImageVersion 0.0
ProductName qZFFV3+Hw9sRIPgoc8MgJHDv
FileVersionNumber 2.3.4.5
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 8.0
FileTypeExtension exe
OriginalFileName yy8.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 2.3.4.5
TimeStamp 2002:01:07 15:59:18+01:00
FileType Win32 EXE
PEType PE32
InternalName yy8.exe
ProductVersion 2.3.4.5
FileDescription qZFFV3+Hw9sRIPgoc8MgJHDv
OSVersion 4.0
FileOS Win32
LegalCopyright Copyright 2009
MachineType Intel 386 or later, and compatibles
CompanyName enexagusokeyub
CodeSize 498688
FileSubtype 0
ProductVersionNumber 2.3.4.5
EntryPoint 0x7ba1e
ObjectFileType Executable application
AssemblyVersion 0.0.0.0

File identification
MD5 f297b476761c3cbcddf768ce325ad049
SHA1 d095e112b2a03b2c103b85b00e16b88bc26c61b8
SHA256 f87dfa59f6ac2592ae76b43d8ed1e3f9513e639acaf0c337ae6d3e4b131a0171
ssdeep 12288:dlj9cVr6ccVr6lvR9Xlj9cVr6ccVr6lvR9SKUFC4oHJ9CS:dh9c56cc56lvR9Xh9c56cc56lvR9dFWS
authentihash b5b7f390e623b3452f193b19231abf31336185e179efc317458a3559cbc9eb83
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 489.5 KB ( 501248 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags peexe assembly
VirusTotal metadata
First submission 2019-04-09 05:28:29 UTC ( 1 month, 2 weeks ago )
Last submission 2019-04-10 09:17:14 UTC ( 1 month, 2 weeks ago )
File names zbetcheckin_tracker_we.exe
f297b476.gxe
yy8.exe
we.exe