× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: 17dfadb62b73e26a0b36a8fd5b772ac70c80b78bd4262dfc074d54272815bbf8
Nombre: server.gxe
Detecciones: 43 / 66
Fecha de análisis: 2019-03-21 16:30:04 UTC ( hace 4 semanas ) Ver el más reciente
Antivirus Resultado Actualización
Acronis suspicious 20190321
Ad-Aware Trojan.GenericKD.30981903 20190321
AegisLab Trojan.MSIL.Tpyn.4!c 20190321
ALYac Trojan.GenericKD.30981903 20190321
Antiy-AVL Trojan/MSIL.Tpyn 20190321
Arcabit Trojan.Generic.D1D8BF0F 20190321
Avast Win32:Malware-gen 20190321
AVG Win32:Malware-gen 20190321
Avira (no cloud) HEUR/AGEN.1006761 20190321
BitDefender Trojan.GenericKD.30981903 20190321
Comodo Malware@#293o0f5u3ry43 20190321
CrowdStrike Falcon (ML) win/malicious_confidence_90% (W) 20190212
Cyren W32/Trojan.KORN-3353 20190321
DrWeb Trojan.DownLoader24.54410 20190321
Emsisoft Trojan.GenericKD.30981903 (B) 20190321
Endgame malicious (high confidence) 20190321
ESET-NOD32 a variant of MSIL/Injector.OKY 20190321
F-Secure Heuristic.HEUR/AGEN.1006761 20190321
Fortinet W32/Malicious_Behavior.VEX 20190321
GData MSIL.Packed.Skaldring.B 20190321
Ikarus Trojan.MSIL.Injector 20190321
Sophos ML heuristic 20190313
K7AntiVirus Trojan ( 004dfffb1 ) 20190321
K7GW Trojan ( 004dfffb1 ) 20190321
Kaspersky Trojan.MSIL.Tpyn.chu 20190321
MAX malware (ai score=95) 20190321
McAfee BackDoor-FDEO!4761B7F92219 20190321
McAfee-GW-Edition BehavesLike.Win32.Generic.fc 20190321
Microsoft Backdoor:Win32/Oztratz.A 20190321
eScan Trojan.GenericKD.30981903 20190321
NANO-Antivirus Trojan.Win32.Tpyn.feejxb 20190321
Palo Alto Networks (Known Signatures) generic.ml 20190321
Panda Trj/GdSda.A 20190321
Qihoo-360 Malware.Radar01.Gen 20190321
Rising Backdoor.Oztratz!8.482A (CLOUD) 20190321
SentinelOne (Static ML) DFI - Suspicious PE 20190317
Sophos AV Mal/Generic-S 20190321
Tencent Msil.Trojan.Tpyn.Pcsn 20190321
Trapmine malicious.high.ml.score 20190301
TrendMicro-HouseCall TROJ_GEN.R057C0PCL19 20190321
VIPRE Trojan.Win32.Generic!BT 20190321
Yandex Trojan.Tpyn! 20190321
ZoneAlarm by Check Point Trojan.MSIL.Tpyn.chu 20190321
AhnLab-V3 20190321
Alibaba 20190306
Avast-Mobile 20190320
Babable 20180918
Baidu 20190318
Bkav 20190320
CAT-QuickHeal 20190320
ClamAV 20190321
CMC 20190321
Cybereason 20190109
eGambit 20190321
Jiangmin 20190321
Kingsoft 20190321
Malwarebytes 20190321
SUPERAntiSpyware 20190321
Symantec Mobile Insight 20190220
TACHYON 20190321
TheHacker 20190320
TotalDefense 20190318
Trustlook 20190321
VBA32 20190321
ViRobot 20190321
Zillya 20190321
Zoner 20190321
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright

Original name Jpncebp.exe
Internal name Jpncebp.exe
File version 7.3.148.5150
Description Kjsrgkvcw
Comments Jgvskffdpa
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-22 08:11:59
Entry Point 0x0003D0A3
Number of sections 3
.NET details
Module Version ID bac6289c-3a8d-4220-8090-0ed1b4f833f6
TypeLib ID 1abc647d-3398-49d3-9eb6-f4f0a021081e
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 14
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 16
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
Jgvskffdpa

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
7.3.148.5150

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Kjsrgkvcw

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
118784

EntryPoint
0x3d0a3

OriginalFileName
Jpncebp.exe

MIMEType
application/octet-stream

FileVersion
7.3.148.5150

TimeStamp
2016:03:22 09:11:59+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Jpncebp.exe

ProductVersion
7.3.148.5150

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Kieune

CodeSize
245760

FileSubtype
0

ProductVersionNumber
7.3.148.5150

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
7.3.148.5150

Execution parents
File identification
MD5 4761b7f92219873e485c540e8507ff63
SHA1 ec628167def99a0ea17618f14a93f8e55b78a20b
SHA256 17dfadb62b73e26a0b36a8fd5b772ac70c80b78bd4262dfc074d54272815bbf8
ssdeep
6144:ToW0DoyvjAKJ7yWJHWlCEXTnOXCkASJUUvUSA:L0DoMp7rW/jnUHcdSA

authentihash 1533cbe851f4d5a030f67c9f5f6fd3a3ff20b4d922d651c72a653f25fd5abd7f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Tamaño del fichero 360.0 KB ( 368640 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-06-16 19:09:25 UTC ( hace 10 meses )
Last submission 2019-03-25 10:15:28 UTC ( hace 3 semanas, 3 días )
Nombres geoaobnai.exe
server.gxe
Yttjaalojozone.exe
server.exe
9007662
tmp105.dat
17dfadb62b73e26a0b36a8fd5b772ac70c80b78bd4262dfc074d54272815bbf8.bin
Jpncebp.exe
output.119272807.txt
tmp378.dat
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!