× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7
Nombre: mm.exe
Detecciones: 47 / 68
Fecha de análisis: 2018-10-25 00:54:07 UTC ( hace 1 mes, 3 semanas )
Antivirus Resultado Actualización
Ad-Aware Trojan.GenericKD.5250719 20181024
AhnLab-V3 Trojan/Win32.Agent.C1347558 20181024
ALYac Trojan.GenericKD.5250719 20181024
Antiy-AVL Trojan/Win32.SGeneric 20181023
Arcabit Trojan.Generic.D501E9F 20181024
Avast Win32:Trojan-gen 20181024
AVG Win32:Trojan-gen 20181024
Avira (no cloud) TR/ATRAPS.Gen 20181024
BitDefender Trojan.GenericKD.5250719 20181025
CAT-QuickHeal Ransom.Pompous.S3 20181024
CrowdStrike Falcon (ML) malicious_confidence_60% (W) 20180723
Cybereason malicious.014635 20180225
Cylance Unsafe 20181025
Cyren W32/Trojan.JKHZ-7064 20181025
DrWeb Trojan.DownLoader19.44733 20181024
Emsisoft Trojan.GenericKD.5250719 (B) 20181024
ESET-NOD32 a variant of MSIL/Filecoder.AV 20181025
F-Secure Trojan.GenericKD.5250719 20181024
Fortinet MSIL/Filecoder.AK!tr.ransom 20181025
GData MSIL.Trojan-Ransom.Cryptear.A 20181024
Ikarus Trojan.MSIL.Filecoder 20181024
K7AntiVirus Trojan ( 004e01371 ) 20181024
K7GW Trojan ( 004e01371 ) 20181024
Kaspersky HEUR:Trojan.MSIL.Generic 20181024
MAX malware (ai score=100) 20181025
McAfee Ransomware-FTD!85A65CD01463 20181025
McAfee-GW-Edition Ransomware-FTD!85A65CD01463 20181024
Microsoft Ransom:MSIL/Flyterper.A 20181024
eScan Trojan.GenericKD.5250719 20181025
NANO-Antivirus Trojan.Win32.Dwn.eazlus 20181025
Palo Alto Networks (Known Signatures) generic.ml 20181025
Panda Trj/GdSda.A 20181024
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20181025
Rising Ransom.Flyterper!8.DA7D (TFE:C:RLl1PL1zAWE) 20181025
Sophos AV Mal/Generic-S 20181024
Symantec Ransom.MMLocker 20181025
Tencent Msil.Trojan.Generic.Ebgw 20181025
TheHacker Trojan/Filecoder.av 20181024
TrendMicro Ransom_CRYPCTB.BYX 20181025
TrendMicro-HouseCall Ransom_CRYPCTB.BYX 20181025
VBA32 Trojan.MSIL.Agent 20181024
VIPRE Trojan.Win32.Generic!BT 20181024
ViRobot Trojan.Win32.Z.Ransom.25600.A 20181024
Webroot W32.Trojan.Genkd 20181025
Yandex Trojan.DownLoader! 20181024
Zillya Trojan.Filecoder.Win32.2095 20181024
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Generic 20181024
AegisLab 20181025
Alibaba 20180921
Avast-Mobile 20181024
Babable 20180918
Baidu 20181024
Bkav 20181024
ClamAV 20181024
CMC 20181024
eGambit 20181025
Endgame 20180730
F-Prot 20181024
Sophos ML 20180717
Jiangmin 20181024
Kingsoft 20181025
Malwarebytes 20181025
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181022
Symantec Mobile Insight 20181001
TACHYON 20181025
TotalDefense 20181024
Trustlook 20181025
Zoner 20181024
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft 2016

Product mm
Original name mm.exe
Internal name mm.exe
File version 1.0.0.0
Description mm
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-08 20:19:01
Entry Point 0x000078EE
Number of sections 3
.NET details
Module Version ID 57da1823-6daa-4472-aef3-c8d6c43baae2
TypeLib ID 2351d942-5200-41e8-8bef-1053bb8d4690
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
2048

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
mm

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
11.0

EntryPoint
0x78ee

OriginalFileName
mm.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2016

FileVersion
1.0.0.0

TimeStamp
2016:03:08 21:19:01+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
mm.exe

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
23040

ProductName
mm

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 85a65cd0146355f1e3e42755e4feaeed
SHA1 03c2243acb5d48bb57b8ed2ed617b8f3199c7711
SHA256 af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7
ssdeep
384:fr6qaiSgK2OXz4u7iaVseh9CGrzvbSCekP5KIgJPTu7WX:T6qaiSiOXhVz9jV54RyQ

authentihash 4e998b46c09479fa68b21b4cf1795644cc446c3e080ef0f9470905d576973652
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Tamaño del fichero 25.0 KB ( 25600 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (70.8%)
Windows screen saver (12.6%)
Win32 Dynamic Link Library (generic) (6.3%)
Win32 Executable (generic) (4.3%)
OS/2 Executable (generic) (1.9%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-03-09 16:16:20 UTC ( hace 2 años, 9 meses )
Last submission 2018-10-09 11:05:30 UTC ( hace 2 meses, 1 semana )
Nombres af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7
mm.exe
svhost.exe
af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7.exe
85a65cd0146355f1e3e42755e4feaeed.exe
85a65cd0146355f1e3e42755e4feaeed
VirusShare_85a65cd0146355f1e3e42755e4feaeed
mm1.exe
mm.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
TCP connections
UDP communications