× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7
Nombre: mm.exe
Detecciones: 47 / 69
Fecha de análisis: 2018-10-09 11:05:30 UTC ( hace 1 semana, 5 días )
Antivirus Resultado Actualización
Ad-Aware Trojan.GenericKD.5250719 20181009
AhnLab-V3 Trojan/Win32.Agent.C1347558 20181009
ALYac Trojan.GenericKD.5250719 20181009
Antiy-AVL Trojan/Win32.SGeneric 20181009
Arcabit Trojan.Generic.D501E9F 20181009
Avast Win32:Trojan-gen 20181009
AVG Win32:Trojan-gen 20181009
Avira (no cloud) TR/ATRAPS.Gen 20181009
AVware Trojan.Win32.Generic!BT 20180925
BitDefender Trojan.GenericKD.5250719 20181009
CAT-QuickHeal Ransom.Pompous.S3 20181008
CrowdStrike Falcon (ML) malicious_confidence_60% (W) 20180723
Cybereason malicious.014635 20180225
Cylance Unsafe 20181009
Cyren W32/Trojan.JKHZ-7064 20181009
DrWeb Trojan.DownLoader19.44733 20181009
Emsisoft Trojan.GenericKD.5250719 (B) 20181009
ESET-NOD32 a variant of MSIL/Filecoder.AV 20181009
F-Secure Trojan.GenericKD.5250719 20181009
Fortinet MSIL/Filecoder.AK!tr.ransom 20181009
GData MSIL.Trojan-Ransom.Cryptear.A 20181009
Ikarus Trojan.MSIL.Filecoder 20181009
K7AntiVirus Trojan ( 004e01371 ) 20181009
K7GW Trojan ( 004e01371 ) 20181009
Kaspersky HEUR:Trojan.MSIL.Generic 20181009
MAX malware (ai score=100) 20181009
McAfee Ransomware-FTD!85A65CD01463 20181009
McAfee-GW-Edition Ransomware-FTD!85A65CD01463 20181009
Microsoft Ransom:MSIL/Flyterper.A 20181009
eScan Trojan.GenericKD.5250719 20181009
NANO-Antivirus Trojan.Win32.Dwn.eazlus 20181009
Palo Alto Networks (Known Signatures) generic.ml 20181009
Panda Trj/GdSda.A 20181008
Qihoo-360 HEUR/QVM03.0.Malware.Gen 20181009
Rising Ransom.Flyterper!8.DA7D (CLOUD) 20181009
Sophos AV Mal/Generic-S 20181009
Symantec Ransom.MMLocker 20181009
Tencent Msil.Trojan.Generic.Ebgw 20181009
TheHacker Trojan/Filecoder.av 20181008
TrendMicro Ransom_CRYPCTB.BYX 20181009
TrendMicro-HouseCall Ransom_CRYPCTB.BYX 20181009
VBA32 Trojan.MSIL.Agent 20181009
ViRobot Trojan.Win32.Z.Ransom.25600.A 20181008
Webroot W32.Trojan.Genkd 20181009
Yandex Trojan.DownLoader! 20181008
Zillya Trojan.Filecoder.Win32.2095 20181008
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Generic 20181009
AegisLab 20181009
Alibaba 20180921
Avast-Mobile 20181008
Babable 20180918
Baidu 20181009
Bkav 20181008
ClamAV 20181009
CMC 20181009
Comodo 20181009
eGambit 20181009
Endgame 20180730
F-Prot 20181009
Sophos ML 20180717
Jiangmin 20181009
Kingsoft 20181009
Malwarebytes 20181009
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181009
TotalDefense 20181009
Trustlook 20181009
VIPRE 20181009
Zoner 20181008
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft 2016

Product mm
Original name mm.exe
Internal name mm.exe
File version 1.0.0.0
Description mm
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-03-08 20:19:01
Entry Point 0x000078EE
Number of sections 3
.NET details
Module Version ID 57da1823-6daa-4472-aef3-c8d6c43baae2
TypeLib ID 2351d942-5200-41e8-8bef-1053bb8d4690
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
2048

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
mm

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
11.0

EntryPoint
0x78ee

OriginalFileName
mm.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2016

FileVersion
1.0.0.0

TimeStamp
2016:03:08 21:19:01+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
mm.exe

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft

CodeSize
23040

ProductName
mm

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 85a65cd0146355f1e3e42755e4feaeed
SHA1 03c2243acb5d48bb57b8ed2ed617b8f3199c7711
SHA256 af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7
ssdeep
384:fr6qaiSgK2OXz4u7iaVseh9CGrzvbSCekP5KIgJPTu7WX:T6qaiSiOXhVz9jV54RyQ

authentihash 4e998b46c09479fa68b21b4cf1795644cc446c3e080ef0f9470905d576973652
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Tamaño del fichero 25.0 KB ( 25600 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (70.8%)
Windows screen saver (12.6%)
Win32 Dynamic Link Library (generic) (6.3%)
Win32 Executable (generic) (4.3%)
OS/2 Executable (generic) (1.9%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-03-09 16:16:20 UTC ( hace 2 años, 7 meses )
Last submission 2018-10-09 11:05:30 UTC ( hace 1 semana, 5 días )
Nombres af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7
mm.exe
svhost.exe
af4802e84b5575ef2ade1ef103739afb7352807884dbf1ce7b7c770d994465f7.exe
85a65cd0146355f1e3e42755e4feaeed.exe
85a65cd0146355f1e3e42755e4feaeed
VirusShare_85a65cd0146355f1e3e42755e4feaeed
mm1.exe
mm.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
TCP connections
UDP communications