× ¡Las cookies están desactivadas! Esta página requiere que las cookies estén activadas para funcionar correctamente
SHA256: cd390a04c5ed23557efefcf5485ed38e6446680fdb175cf3183a6c94d67fb5a4
Nombre: explorer(03).gxe
Detecciones: 37 / 68
Fecha de análisis: 2018-06-14 13:34:21 UTC ( hace 10 meses, 1 semana ) Ver el más reciente
Antivirus Resultado Actualización
Ad-Aware Gen:Variant.Zusy.287505 20180614
AegisLab Troj.Msil.Generic!c 20180614
AhnLab-V3 Trojan/Win32.Kryptik.R226752 20180614
ALYac Gen:Variant.Zusy.287505 20180614
Avast Win32:Malware-gen 20180614
AVG Win32:Malware-gen 20180614
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9526 20180614
BitDefender Gen:Variant.Zusy.287505 20180614
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cylance Unsafe 20180614
Cyren W32/Trojan.FLIF-5045 20180614
DrWeb BackDoor.Orcus.7 20180614
Emsisoft Gen:Variant.Zusy.287505 (B) 20180614
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of MSIL/Kryptik.NUV 20180614
Fortinet MSIL/Kryptik.NUV!tr 20180614
GData Gen:Variant.Zusy.287505 20180614
Ikarus Trojan.MSIL.Crypt 20180614
Sophos ML heuristic 20180601
K7AntiVirus Trojan ( 0052f1161 ) 20180614
K7GW Trojan ( 0052f1161 ) 20180614
Kaspersky HEUR:Trojan.MSIL.Generic 20180614
MAX malware (ai score=98) 20180614
McAfee Packed-FFT!454F011844DF 20180614
McAfee-GW-Edition BehavesLike.Win32.Generic.tc 20180613
Microsoft VirTool:MSIL/Injector 20180614
eScan Gen:Variant.Zusy.287505 20180614
NANO-Antivirus Trojan.Win32.Kryptik.featqg 20180614
Palo Alto Networks (Known Signatures) generic.ml 20180614
Panda Trj/CI.A 20180614
Qihoo-360 Win32/Trojan.7c5 20180614
SentinelOne (Static ML) static engine - malicious 20180225
Tencent Msil.Trojan.Generic.Pbfr 20180614
TrendMicro TROJ_GEN.R002C0PFD18 20180614
TrendMicro-HouseCall TROJ_GEN.R002C0PFD18 20180614
Webroot W32.Trojan.Gen 20180614
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Generic 20180614
Alibaba 20180614
Antiy-AVL 20180614
Arcabit 20180614
Avast-Mobile 20180613
Avira (no cloud) 20180614
AVware 20180614
Babable 20180406
Bkav 20180614
CAT-QuickHeal 20180614
ClamAV 20180614
CMC 20180614
Comodo 20180613
Cybereason 20180225
eGambit 20180614
F-Prot 20180614
F-Secure 20180606
Jiangmin 20180614
Kingsoft 20180614
Malwarebytes 20180614
Rising 20180614
Sophos AV 20180614
SUPERAntiSpyware 20180614
Symantec 20180614
Symantec Mobile Insight 20180614
TACHYON 20180614
TheHacker 20180613
TotalDefense 20180614
Trustlook 20180614
VBA32 20180614
VIPRE 20180614
ViRobot 20180614
Yandex 20180614
Zillya 20180614
Zoner 20180613
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© 2018 Microsoft Corporation. All rights reserved.

Product VS Code By Microsoft
Original name VS_Code.exe
Internal name VS_Code.exe
File version 1.22.0.0
Comments VS Code By Microsoft
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-13 20:35:51
Entry Point 0x0015703E
Number of sections 3
.NET details
Module Version ID 5a88e00b-43de-4846-a1f0-247deebbf913
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
VS Code By Microsoft

InitializedDataSize
2560

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.22.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

EntryPoint
0x15703e

OriginalFileName
VS_Code.exe

MIMEType
application/octet-stream

LegalCopyright
2018 Microsoft Corporation. All rights reserved.

FileVersion
1.22.0.0

TimeStamp
2018:06:13 22:35:51+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
VS_Code.exe

ProductVersion
1.22.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
1397248

ProductName
VS Code By Microsoft

ProductVersionNumber
1.22.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.22.0.0

File identification
MD5 454f011844df4da706972f7ec1089542
SHA1 4a14468a3ad342a668d53e1087bb4876510a9be8
SHA256 cd390a04c5ed23557efefcf5485ed38e6446680fdb175cf3183a6c94d67fb5a4
ssdeep
24576:lOqGVyscI9tvtnGwKjUdL4H2Ottv+7cn3vzoKAfON+WareWEE82Ta:ctnbKjUdL41ttviA0JC+W81Y

authentihash 5818b16bbdebc7ce20b084cc56f8939887db28de05271ced3e0fbb58f929eac9
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Tamaño del fichero 1.3 MB ( 1400320 bytes )
Tipo Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2018-06-13 20:59:06 UTC ( hace 10 meses, 1 semana )
Last submission 2018-06-15 11:15:14 UTC ( hace 10 meses, 1 semana )
Nombres explorer(03).gxe
4bdbc3461f2e296f9b6ffa39324ddce487e5a4e8
VS_Code.exe
explorer.exe
No hay comentarios. Ningún usuario ha comentado aún. ¡Sea el primero en hacerlo!

Deje su comentario...

?
Enviar comentario

No ha iniciado sesión. Solo los usuarios registrados pueden escribir comentarios.

No hay votos. Nadie ha votado aún. ¡Sea el primero!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
HTTP requests
DNS requests
TCP connections
UDP communications