× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fc0396cf24b550558f0a7fab0c269dc0062d0d37c0cf49676ae959b9b5a35a9a
File name: P.I #099880990 pdf.exe
Detection ratio: 18 / 68
Analysis date: 2017-11-20 04:24:29 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20171120
AVG FileRepMalware 20171120
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20171117
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20171016
Cybereason malicious.4c8b51 20171103
Cylance Unsafe 20171120
DrWeb Trojan.Inject2.63196 20171120
Endgame malicious (high confidence) 20171024
ESET-NOD32 a variant of MSIL/Injector.TDI 20171119
Ikarus Win32.Outbreak 20171119
Sophos ML heuristic 20170914
Kaspersky UDS:DangerousObject.Multi.Generic 20171120
McAfee Artemis!87EB1A247963 20171120
McAfee-GW-Edition BehavesLike.Win32.Trojan.fc 20171120
Palo Alto Networks (Known Signatures) generic.ml 20171120
SentinelOne (Static ML) static engine - malicious 20171113
Tencent Win32.Trojan.Inject.Auto 20171120
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20171120
Ad-Aware 20171120
AegisLab 20171120
AhnLab-V3 20171119
Alibaba 20170911
ALYac 20171120
Antiy-AVL 20171120
Arcabit 20171120
Avast-Mobile 20171119
Avira (no cloud) 20171119
AVware 20171120
BitDefender 20171120
Bkav 20171118
CAT-QuickHeal 20171118
ClamAV 20171120
CMC 20171119
Comodo 20171120
Cyren 20171120
eGambit 20171120
Emsisoft 20171120
F-Prot 20171120
F-Secure 20171120
Fortinet 20171120
GData 20171120
Jiangmin 20171120
K7AntiVirus 20171117
K7GW 20171120
Kingsoft 20171120
Malwarebytes 20171119
MAX 20171120
Microsoft 20171120
eScan 20171120
NANO-Antivirus 20171120
nProtect 20171120
Panda 20171119
Qihoo-360 20171120
Rising 20171120
Sophos AV 20171120
SUPERAntiSpyware 20171119
Symantec 20171119
Symantec Mobile Insight 20171117
TheHacker 20171117
TotalDefense 20171119
TrendMicro 20171120
TrendMicro-HouseCall 20171120
Trustlook 20171120
VBA32 20171117
VIPRE 20171120
ViRobot 20171120
Webroot 20171120
WhiteArmor 20171104
Yandex 20171118
Zillya 20171117
Zoner 20171120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2016 - 2017

Product newassm
Original name newassm.exe
Internal name newassm.exe
File version 1.0.0.0
Description Change this to something else.
Comments No comments for international media.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-19 21:41:50
Entry Point 0x000644DE
Number of sections 3
.NET details
Module Version ID 89ccbdf8-4413-42bc-b246-f9635f63a5ff
TypeLib ID 5caf6e03-b6f4-4a8c-9300-3941de849919
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
No comments for international media.

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Change this to something else.

CharacterSet
Unicode

InitializedDataSize
2560

EntryPoint
0x644de

OriginalFileName
newassm.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2016 - 2017

FileVersion
1.0.0.0

TimeStamp
2017:11:19 22:41:50+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
newassm.exe

ProductVersion
1.0.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ITBusiness Inc

CodeSize
402944

ProductName
newassm

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.20471

Compressed bundles
File identification
MD5 87eb1a24796361ac59b9f5b555d21cfe
SHA1 42e2eca4c8b515193d6a6c54b3cbde325a311a46
SHA256 fc0396cf24b550558f0a7fab0c269dc0062d0d37c0cf49676ae959b9b5a35a9a
ssdeep
12288:ygum3uUEHl7AyBt7cucSxJeZbPP/czoFRKk6J:yNmcJAyv7P7xkZbPP/EKR

authentihash 0c693b0cfe7ee1f872d0be2d5bf5df3e8835c2befd094f7b24a38b8715193b51
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 396.5 KB ( 406016 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-11-20 02:24:27 UTC ( 1 year, 4 months ago )
Last submission 2017-12-21 12:14:20 UTC ( 1 year, 3 months ago )
File names 0057f4dc16.vir
P.I #099880990 pdf.exe
newassm.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!