× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: 853177d9a42fab0d8d62a190894de5c27ec203240df0d9e70154a675823adf04
Nombre: StalinLocker.exe
Detecciones: 46 / 65
Fecha de análisis: 2018-05-22 08:17:04 UTC ( hace 2 días, 10 horas )
Antivirus Resultado Actualización
Ad-Aware Trojan.GenericKD.30759243 20180522
AegisLab Troj.Ransom.W32.Blocker!c 20180522
AhnLab-V3 Trojan/Win32.Blocker.C2504612 20180521
ALYac Trojan.Ransom.ScreenLocker 20180522
Antiy-AVL Trojan[Ransom]/Win32.AGeneric 20180522
Arcabit Trojan.Generic.D1D5594B 20180522
Avast Win32:Malware-gen 20180521
AVG Win32:Malware-gen 20180521
Avira (no cloud) TR/Agent.dwkyc 20180522
AVware Trojan.Win32.Generic!BT 20180522
BitDefender Trojan.GenericKD.30759243 20180522
CAT-QuickHeal Trojan.IGENERIC 20180521
Comodo UnclassifiedMalware 20180522
Cylance Unsafe 20180522
Cyren W32/Trojan.NRGE-3585 20180522
DrWeb Trojan.Locker.58 20180522
Emsisoft Trojan.GenericKD.30759243 (B) 20180522
ESET-NOD32 a variant of MSIL/Agent.SNU 20180522
F-Secure Trojan.GenericKD.30759243 20180522
Fortinet W32/Blocker.BA!tr 20180522
GData Trojan.GenericKD.30759243 20180522
Ikarus Trojan-Ransom.StalinLocker 20180521
Jiangmin Trojan.Blocker.ikr 20180522
K7AntiVirus Riskware ( 0040eff71 ) 20180522
K7GW Riskware ( 0040eff71 ) 20180522
Kaspersky Trojan-Ransom.Win32.Blocker.lacf 20180522
MAX malware (ai score=93) 20180522
McAfee Ransom-RsSIRIA!61C003BAC228 20180522
McAfee-GW-Edition Ransom-RsSIRIA!61C003BAC228 20180522
Microsoft Trojan:Win32/Occamy.B 20180522
eScan Trojan.GenericKD.30759243 20180522
NANO-Antivirus Trojan.Win32.Blocker.fbvecr 20180522
Palo Alto Networks (Known Signatures) generic.ml 20180522
Panda Trj/GdSda.A 20180521
Qihoo-360 Win32/Trojan.Ransom.719 20180522
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/MSIL-BA 20180522
Symantec Ransom.Gen 20180522
Tencent Win32.Trojan.Blocker.Wops 20180522
TrendMicro Ransom_TALINSLOCKER.THEAAAH 20180522
TrendMicro-HouseCall Ransom_TALINSLOCKER.THEAAAH 20180522
VIPRE Trojan.Win32.Generic!BT 20180522
ViRobot Trojan.Win32.S.Ransom.4039680 20180522
Webroot W32.Trojan.Locker 20180522
Yandex Trojan.Blocker!8SNT/INd9xY 20180518
ZoneAlarm by Check Point Trojan-Ransom.Win32.Blocker.lacf 20180522
Alibaba 20180522
Avast-Mobile 20180520
Babable 20180406
Baidu 20180522
Bkav 20180522
ClamAV 20180521
CMC 20180522
CrowdStrike Falcon (ML) 20180202
Cybereason None
eGambit 20180522
Endgame 20180507
F-Prot 20180522
Sophos ML 20180503
Kingsoft 20180522
Malwarebytes 20180522
nProtect 20180522
Rising 20180522
SUPERAntiSpyware 20180522
Symantec Mobile Insight 20180522
TheHacker 20180516
Trustlook 20180522
VBA32 20180521
Zillya 20180521
Zoner 20180521
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2018

Product StalinScreamer
Original name StalinLocker.exe
Internal name StalinLocker.exe
File version 1.0.0.0
Description StalinScreamer
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-04 20:15:21
Entry Point 0x003DAADA
Number of sections 3
.NET details
Module Version ID f811b1d0-c023-4163-8891-3ee09ceec3ae
TypeLib ID 7a45aafb-2b76-4328-8f58-191445c6c3e6
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
48.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
5632

EntryPoint
0x3daada

OriginalFileName
StalinLocker.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2018

FileVersion
1.0.0.0

TimeStamp
2018:05:04 21:15:21+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
StalinLocker.exe

ProductVersion
1.0.0.0

FileDescription
StalinScreamer

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
4033536

ProductName
StalinScreamer

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 61c003bac228857cb0db6207eb5a7f3e
SHA1 b2b8837047995ffdb92a95e678117b3449342230
SHA256 853177d9a42fab0d8d62a190894de5c27ec203240df0d9e70154a675823adf04
ssdeep
98304:EejEXmagfEe2LwwU9/owft3PMmkahT5Jw2ic0:ECEfgb0w39/ow0ahT5

authentihash 134f960896eced26dd3822690ad96b1d63395df18a0ad5a4d3792f0a8cf4db03
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Tamaño del fichero 3.9 MB ( 4039680 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-05-09 08:48:11 UTC ( hace 2 semanas, 1 día )
Last submission 2018-05-22 08:17:04 UTC ( hace 2 días, 10 horas )
Nombres 61c003bac228857cb0db6207eb5a7f3e.virus
StalinLocker.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!