SHA256: ffce28425b1a261d47dcca75f89182c7d5930444952de5f333b5c4cf514fc283
File name: cc8ab8cafcd225ed4ebc70e0139b6890
Detection ratio: 20 / 66
Analysis date: 2018-05-31 14:27:17 UTC ( 6 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Mikey.80654 20180531
AhnLab-V3 Malware/Win64.Generic.C2481339 20180531
ALYac Gen:Variant.Mikey.80654 20180531
Avira (no cloud) TR/Crypt.XPACK.Gen 20180531
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180531
BitDefender Gen:Variant.Mikey.80654 20180531
Cylance Unsafe 20180531
Emsisoft Gen:Variant.Mikey.80654 (B) 20180531
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win64/Kryptik.BJE 20180531
F-Secure Gen:Variant.Mikey.80654 20180531
Fortinet W64/Kryptik.BIW!tr 20180531
GData Gen:Variant.Mikey.80654 20180531
Ikarus Trojan.Win64.Crypt 20180531
Sophos ML heuristic 20180504
MAX malware (ai score=89) 20180531
Microsoft Trojan:Win32/Fuerboos.C!cl 20180531
eScan Gen:Variant.Mikey.80654 20180531
Sophos AV Mal/Dridex-G 20180531
Webroot W32.Trojan.Gen 20180531
AegisLab 20180531
Alibaba 20180530
Antiy-AVL 20180531
Arcabit 20180531
Avast 20180531
Avast-Mobile 20180531
AVG 20180531
AVware 20180531
Babable 20180406
Bkav 20180531
CAT-QuickHeal 20180531
ClamAV 20180531
CMC 20180529
Comodo 20180531
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180531
DrWeb 20180531
eGambit 20180531
F-Prot 20180531
Jiangmin 20180531
K7AntiVirus 20180530
K7GW 20180531
Kaspersky 20180531
Kingsoft 20180531
Malwarebytes 20180531
McAfee 20180530
McAfee-GW-Edition 20180531
NANO-Antivirus 20180531
nProtect 20180531
Palo Alto Networks (Known Signatures) 20180531
Panda 20180531
Qihoo-360 20180531
Rising 20180531
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180531
Symantec 20180531
Symantec Mobile Insight 20180525
Tencent 20180531
TheHacker 20180531
TotalDefense 20180531
TrendMicro 20180531
TrendMicro-HouseCall 20180531
Trustlook 20180531
VBA32 20180531
VIPRE 20180531
ViRobot 20180531
Yandex 20180529
Zillya 20180530
ZoneAlarm by Check Point 20180531
Zoner 20180531
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2018-03-20 09:35:23
Entry Point 0x00001610
Number of sections 8
PE sections
PE imports
GetUserNameA
GetOldestEventLogRecord
EqualSid
GetSaveFileNameA
GetTextFaceA
GetTapeParameters
GetQueuedCompletionStatus
GetTimeFormatW
Module32FirstW
LocalReAlloc
FileTimeToSystemTime
GetModuleHandleA
EnumResourceNamesW
FindFirstFileA
GetWindowsDirectoryA
Module32First
GetVolumePathNameW
lstrcpyW
GetThreadPriority
GetOpenClipboardWindow
GetClassLongW
GetQueueStatus
GetScrollPos
LockWindowUpdate
GetDlgItem
LoadMenuW
GetFileVersionInfoW
FindCloseUrlCache
GetUrlCacheEntryInfoW
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType AMD AMD64
FileTypeExtension dll
TimeStamp 2018:03:20 10:35:23+01:00
FileType Win64 DLL
PEType PE32+
CodeSize 16384
LinkerVersion 12.0
EntryPoint 0x1610
InitializedDataSize 659456
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 cc8ab8cafcd225ed4ebc70e0139b6890
SHA1 90fd8cb442310e677e1e879136ce116902f0264c
SHA256 ffce28425b1a261d47dcca75f89182c7d5930444952de5f333b5c4cf514fc283
ssdeep 12288:HSRobFbTfHl0K/Rqood+b9kHBrQeCILMB0b2A4Um978:HSOFbTPld/7od+hkHK249fUm97
authentihash b31c5a9abafae10ec659f4de1e36bdbf324bef52f1e994cac60eb7c7b4c0dd6d
imphash 6f6cb3392a12ae3848fa9d5af151ef0d
File size 628.0 KB ( 643072 bytes )
File type Win32 DLL
Magic literal PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly
TrID Windows screen saver (68.4%)
OS/2 Executable (generic) (10.6%)
Generic Win/DOS Executable (10.4%)
DOS Executable Generic (10.4%)
Tags 64bits assembly pedll
VirusTotal metadata
First submission 2018-05-31 14:27:17 UTC ( 6 months, 2 weeks ago )
Last submission 2018-06-22 09:45:33 UTC ( 5 months, 4 weeks ago )