× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fe516708fe6db062b525795e67100e846257135e5a30526839ed405bf05ed4a5
File name: Zl3kY.exe
Detection ratio: 11 / 69
Analysis date: 2018-10-01 10:06:12 UTC ( 4 months, 3 weeks ago ) View latest
Antivirus Result Update
AVG FileRepMalware 20181001
Comodo TrojWare.Win32.Dovs.MO 20181001
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181001
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
Microsoft Trojan:Win32/Fuerboos.A!cl 20181001
Qihoo-360 HEUR/QVM20.1.3B21.Malware.Gen 20181001
Rising Trojan.Emotet!8.B95 (TFE:dGZlOgOjYHGht61ixA) 20181001
SentinelOne (Static ML) static engine - malicious 20180926
Symantec ML.Attribute.HighConfidence 20181001
Ad-Aware 20181001
AegisLab 20181001
AhnLab-V3 20181001
Alibaba 20180921
ALYac 20181001
Antiy-AVL 20181001
Arcabit 20181001
Avast 20181001
Avast-Mobile 20181001
Avira (no cloud) 20181001
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181001
Bkav 20180928
CAT-QuickHeal 20181001
ClamAV 20181001
CMC 20181001
Cybereason 20180225
Cyren 20181001
DrWeb 20181001
eGambit 20181001
Emsisoft 20181001
ESET-NOD32 20181001
F-Prot 20181001
F-Secure 20181001
Fortinet 20181001
GData 20181001
Ikarus 20181001
Jiangmin 20181001
K7AntiVirus 20181001
K7GW 20181001
Kaspersky 20181001
Kingsoft 20181001
Malwarebytes 20181001
MAX 20181001
McAfee 20181001
McAfee-GW-Edition 20181001
eScan 20181001
NANO-Antivirus 20181001
Palo Alto Networks (Known Signatures) 20181001
Panda 20180930
Sophos AV 20181001
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20181001
TACHYON 20181001
Tencent 20181001
TheHacker 20181001
TotalDefense 20181001
TrendMicro 20181001
TrendMicro-HouseCall 20181001
Trustlook 20181001
VBA32 20181001
VIPRE 20181001
ViRobot 20181001
Webroot 20181001
Yandex 20180927
Zillya 20180928
ZoneAlarm by Check Point 20180925
Zoner 20180927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-01 10:00:16
Entry Point 0x00002FA0
Number of sections 5
PE sections
PE imports
GetTextCharacterExtra
IsValidCodePage
GetNamedPipeServerProcessId
GetCommandLineW
EnumUILanguagesW
FindActCtxSectionGuid
DeleteFileW
GetLocaleInfoW
GetKeyboardLayout
GetMenuCheckMarkDimensions
SCardGetProviderIdA
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
CHINESE SIMPLIFIED 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:10:01 12:00:16+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
167936

LinkerVersion
16.1

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x2fa0

InitializedDataSize
49152

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
6.0

UninitializedDataSize
0

Execution parents
Compressed bundles
File identification
MD5 c84422854a302d6b6343f5e05e7c2006
SHA1 b71ccf2565e683ff96f0b46f47b85e3ad6e19641
SHA256 fe516708fe6db062b525795e67100e846257135e5a30526839ed405bf05ed4a5
ssdeep
3072:LJfY172+20O+PJySAVcqgg/l4qcZfwNh8uvsYwJ6:Vf+7Md+ySALFLefwN6uEd6

authentihash 4ba0c8937ad371785919a4ca27c4f6b48412d7941763f1ef3bd8b94cb005898f
imphash 04493f16b1e28f020928899106e56a09
File size 184.0 KB ( 188416 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-01 10:06:12 UTC ( 4 months, 3 weeks ago )
Last submission 2018-10-02 12:59:34 UTC ( 4 months, 3 weeks ago )
File names VpnbL83X9Ncv.exe
4cWmK3umT3P.exe
U5CUyRF7hzz.exe
m5olIm8y.exe
ikNlClG2R1M.exe
voPlyDe0xq4A.exe
uZCSVvtccsK.exe
OYhLK3Zk.exe
Zl3kY.exe
rvvB6ws7Is.exe
orangewan.exe
g8fmXXrMcV.exe
stringunity.exe
992.exe
Malware_MSEXE_fe516708fe6db062b525795e67100e846257135e5a30526839ed405bf05ed4a5
992.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!