SHA256: a0dede30d2ad1544328644a887a53fb4352e336030111769eb6c0e0b97d0289e
Name: Aporbacion de transferencia a terceros 2100000.exe
Detections: 32 / 56
Analysis date: 2016-11-03 07:05:26 UTC (4 months, 3 weeks ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.3656699 20161103
AegisLab Packer.W32.Krap.lQVR 20161103
AhnLab-V3 Trojan/Win32.Inject.N2143926224 20161103
ALYac Trojan.GenericKD.3656699 20161103
Arcabit Trojan.Generic.D37CBFB 20161103
Avast Win32:Malware-gen 20161103
Avira (no cloud) TR/Dropper.MSIL.swtiw 20161102
AVware Trojan.Win32.Generic!BT 20161103
BitDefender Trojan.GenericKD.3656699 20161103
CrowdStrike Falcon (ML) malicious_confidence_69% (W) 20161024
Cyren W32/Trojan.XOQS-7472 20161103
Emsisoft Trojan.GenericKD.3656699 (B) 20161103
ESET-NOD32 MSIL/Agent.ADE 20161103
F-Secure Trojan.GenericKD.3656699 20161103
Fortinet MSIL/Injector.QOG!tr 20161103
GData Trojan.GenericKD.3656699 20161103
Ikarus Trojan.MSIL.Agent 20161102
Invincea trojan.win32.radonskra.b 20161018
Kaspersky Trojan.Win32.Inject.abusj 20161103
McAfee Artemis!D93B870549B2 20161103
McAfee-GW-Edition Artemis 20161103
Microsoft Trojan:Win32/Dynamer!ac 20161103
eScan Trojan.GenericKD.3656699 20161103
NANO-Antivirus Trojan.Win32.Agent.ehydbp 20161103
Qihoo-360 Win32/Trojan.Dropper.dec 20161103
Rising Trojan.Agent!8.B1E-jiyJWfZKwSL (cloud) 20161103
Sophos Mal/Generic-S 20161103
Symantec Trojan.Gen 20161103
TrendMicro BKDR_LUMINOSITY.R 20161103
TrendMicro-HouseCall BKDR_LUMINOSITY.R 20161103
VIPRE Trojan.Win32.Generic!BT 20161103
Yandex Trojan.Inject!ncpp6CMrkpo 20161102
Alibaba 20161103
Antiy-AVL 20161103
AVG 20161103
Baidu 20161103
Bkav 20161102
CAT-QuickHeal 20161103
ClamAV 20161103
CMC 20161102
Comodo 20161103
DrWeb 20161103
F-Prot 20161103
Jiangmin 20161103
K7AntiVirus 20161103
K7GW 20161103
Kingsoft 20161103
Malwarebytes 20161103
nProtect 20161101
Panda 20161102
SUPERAntiSpyware 20161103
Tencent 20161103
TheHacker 20161101
VBA32 20161102
ViRobot 20161103
Zillya 20161102
Zoner 20161103
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Signature verification A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Signing date 8:06 AM 11/3/2016
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-10-31 10:37:53
Entry Point 0x0009D0BE
Number of sections 3
.NET details
Module Version ID 7acdcdff-1946-4738-aa2e-a72517300129
PE sections
Overlays
MD5 d33d3ff84f91a85dd6fc2030d4c90b62
File type data
Offset 664064
Size 4912
Entropy 7.07
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 8
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 9
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:10:31 11:37:53+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
635392

LinkerVersion
8.0

EntryPoint
0x9d0be

InitializedDataSize
28160

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 d93b870549b2e4ef40b32c7e56052f6c
SHA1 645615018f526bbff0838fae487466689977e32f
SHA256 a0dede30d2ad1544328644a887a53fb4352e336030111769eb6c0e0b97d0289e
ssdeep
12288:sPPRsn/JxrJ72Y4fK7QxxqCLwVpt6lQv7jdg6DadCxYFApY:OPOn/JxrJ2FSEx8CLs2wFS

authentihash e58e84660bb4503cee03e7437ca4a356b694b52ec18adec3bbccae6ba6ad1fad
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 653.3 KB (668976 bytes)
Type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe assembly overlay

VirusTotal metadata
First submission 2016-10-31 20:32:12 UTC (4 months, 4 weeks ago)
Last submission 2016-10-31 20:32:12 UTC (4 months, 4 weeks ago)
File names Aporbacion de transferencia a terceros 2100000.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications