× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: 1ad95b74b1e10f41b4ac7d2ee96c74e99f237e1e5717d9e59273a81477d8c9b6
Nombre: KakaoTalk.exe
Detecciones: 53 / 68
Fecha de análisis: 2018-07-23 10:23:50 UTC ( hace 3 meses )
Antivirus Resultado Actualización
Ad-Aware Generic.Ransom.CloudSword.2FF871E1 20180723
AegisLab Trojan.Win32.Generic.4!c 20180723
AhnLab-V3 Trojan/Win32.Ransom.C1523446 20180723
ALYac Trojan.Ransom.HiddenTear 20180723
Antiy-AVL Trojan/Win32.AGeneric 20180723
Arcabit Generic.Ransom.CloudSword.2FF871E1 20180723
Avast Win32:Trojan-gen 20180723
AVG Win32:Trojan-gen 20180723
Avira (no cloud) HEUR/AGEN.1016243 20180723
AVware Trojan.Win32.Generic!BT 20180723
BitDefender Generic.Ransom.CloudSword.2FF871E1 20180723
CAT-QuickHeal Ransom.HidenTear.A3 20180723
Comodo UnclassifiedMalware 20180723
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cybereason malicious.8d4603 20180225
Cylance Unsafe 20180723
Cyren W32/S-f98fed91!Eldorado 20180723
DrWeb Trojan.Encoder.10598 20180723
Emsisoft Generic.Ransom.CloudSword.2FF871E1 (B) 20180723
Endgame malicious (high confidence) 20180710
ESET-NOD32 a variant of MSIL/Filecoder.Y 20180723
F-Prot W32/S-f98fed91!Eldorado 20180723
F-Secure Generic.Ransom.CloudSword.2FF871E1 20180723
Fortinet MSIL/Filecoder.Y!tr 20180723
GData MSIL.Trojan-Ransom.Cryptear.R 20180723
Ikarus Trojan.MSIL.Filecoder 20180723
Jiangmin Trojan.Generic.bnniw 20180723
K7AntiVirus Trojan ( 004cd5d01 ) 20180723
K7GW Trojan ( 004cd5d01 ) 20180723
Kaspersky HEUR:Trojan.Win32.Generic 20180723
MAX malware (ai score=100) 20180723
McAfee Ransomware-FRF!913031B8D460 20180723
McAfee-GW-Edition Ransomware-FRF!913031B8D460 20180723
Microsoft Ransom:MSIL/Ryzerlo.A 20180723
eScan Generic.Ransom.CloudSword.2FF871E1 20180723
NANO-Antivirus Trojan.Win32.Filecoder.efoubn 20180723
Palo Alto Networks (Known Signatures) generic.ml 20180723
Panda Trj/GdSda.A 20180722
Qihoo-360 Win32/Trojan.e49 20180723
Rising Ransom.FileCryptor!8.1A7 (CLOUD) 20180723
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Troj/Cryptear-A 20180723
Symantec Ransom.KaoTear 20180723
TACHYON Ransom/W32.HiddenTear.1293824 20180723
Tencent Win32.Trojan.Generic.Hqay 20180723
TheHacker Trojan/Filecoder.y 20180723
TrendMicro Ransom_KAOTEAR.A 20180723
TrendMicro-HouseCall Ransom_KAOTEAR.A 20180723
VIPRE Trojan.Win32.Generic!BT 20180723
ViRobot Trojan.Win32.Z.Filecoder.1293824.A 20180723
Webroot W32.Trojan.Ransom 20180723
Yandex Trojan.Agent!eOJgVED9gJg 20180720
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180723
Alibaba 20180713
Avast-Mobile 20180723
Babable 20180406
Baidu 20180723
Bkav 20180723
ClamAV 20180723
CMC 20180723
eGambit 20180723
Sophos ML 20180717
Kingsoft 20180723
Malwarebytes 20180723
SUPERAntiSpyware 20180722
TotalDefense 20180722
Trustlook 20180723
VBA32 20180720
Zillya 20180720
Zoner 20180723
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2015

Product KakaoTalk
Original name KakaoTalk.exe
Internal name KakaoTalk.exe
File version 1.0.0.0
Description KakaoTalk
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-16 08:54:52
Entry Point 0x00139832
Number of sections 3
.NET details
Module Version ID 8f61c34b-08eb-4a68-9945-b86b1673cca4
TypeLib ID 7ab0dd04-43e0-4d89-be59-60a30b766467
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
16896

EntryPoint
0x139832

OriginalFileName
KakaoTalk.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2015

FileVersion
1.0.0.0

TimeStamp
2016:08:16 08:54:52+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
KakaoTalk.exe

ProductVersion
1.0.0.0

FileDescription
KakaoTalk

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
1276416

ProductName
KakaoTalk

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 913031b8d460367501a8e84c4143d627
SHA1 f7a78789197db011b55f53b30d533eb4297d03cd
SHA256 1ad95b74b1e10f41b4ac7d2ee96c74e99f237e1e5717d9e59273a81477d8c9b6
ssdeep
1536:HIbnzI1UFynf7nhtEeSMzWfpWfKqxS9Li5GSqhz1IfIzSWG7LKWYxXIpEiO3jsh5:HIb01rn8e/MgLKWidATn25RE9

authentihash 1d3a5b4b55e5a0f7daffb4198f0c75b0960b281e75fed3c20c18debabf5dc755
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Tamaño del fichero 1.2 MB ( 1293824 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-08-16 08:56:11 UTC ( hace 2 años, 2 meses )
Last submission 2018-05-08 00:14:54 UTC ( hace 5 meses, 2 semanas )
Nombres KakaoTalk.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!