SHA256: eb60544246eca1daac8d3a11320bc41876481aea8323324fbf9e4a74981e9958
Name: officess.gxe
Detections: 40 / 68
Analysis date: 2018-06-13 14:59:54 UTC (11 months, 2 weeks ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30962968 20180613
AegisLab Troj.Msil.Agent!c 20180613
ALYac Trojan.GenericKD.30962968 20180613
Antiy-AVL Trojan[Backdoor]/MSIL.Agent 20180613
Arcabit Trojan.Generic.D1D87518 20180613
AVware Trojan.Win32.Generic!BT 20180613
BitDefender Trojan.GenericKD.30962968 20180613
Bkav W32.FamVT.ExpiroPC.PE 20180613
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cybereason malicious.8b4670 20180225
Cylance Unsafe 20180613
Cyren W32/Trojan.GHRB-3977 20180613
DrWeb Trojan.Siggen7.42178 20180613
Emsisoft Trojan.GenericKD.30962968 (B) 20180613
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of MSIL/Kryptik.OIM 20180613
F-Secure Trojan.GenericKD.30962968 20180613
Fortinet MSIL/Kryptik.OIM!tr 20180613
GData Trojan.GenericKD.30962968 20180613
Ikarus Trojan.MSIL.Crypt 20180613
Sophos ML heuristic 20180601
K7GW Trojan ( 005332db1 ) 20180613
Kaspersky HEUR:Trojan.MSIL.Agent.gen 20180613
Malwarebytes Trojan.PasswordStealer.MSIL 20180613
MAX malware (ai score=95) 20180613
McAfee Packed-ZI!9AC2037A1706 20180613
McAfee-GW-Edition BehavesLike.Win32.Generic.gc 20180613
eScan Trojan.GenericKD.30962968 20180613
NANO-Antivirus Trojan.Win32.Kryptik.fdyyil 20180613
Palo Alto Networks (Known Signatures) generic.ml 20180613
Panda Trj/CI.A 20180613
Qihoo-360 Win32/Trojan.afc 20180613
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180613
Symantec Trojan Horse 20180613
Tencent Win32.Trojan.Inject.Auto 20180613
TrendMicro TROJ_FRS.VSN0CF18 20180613
TrendMicro-HouseCall TROJ_FRS.VSN0CF18 20180613
Webroot W32.Malware.Gen 20180613
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Agent.gen 20180613
AhnLab-V3 20180613
Alibaba 20180613
Avast 20180613
Avast-Mobile 20180613
AVG 20180613
Avira (no cloud) 20180613
Babable 20180406
Baidu 20180613
CAT-QuickHeal 20180613
ClamAV 20180613
CMC 20180613
Comodo 20180613
eGambit 20180613
F-Prot 20180613
Jiangmin 20180613
K7AntiVirus 20180613
Kingsoft 20180613
Microsoft 20180613
Rising 20180613
SUPERAntiSpyware 20180613
Symantec Mobile Insight 20180605
TACHYON 20180613
TheHacker 20180613
TotalDefense 20180613
Trustlook 20180613
VBA32 20180613
VIPRE 20180613
ViRobot 20180613
Yandex 20180613
Zillya 20180613
Zoner 20180612
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2018 Crown Cork & Seal Co. Inc.
Product Application Server Command Administration Interface
Original name ogb.exe
Internal name ogb.exe
File version 14.12.10.2
Description Application Server Command Administration Interface
Comments g2emncao3dx
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-09-01 13:36:42
Entry Point 0x0007200A
Number of sections 5
.NET details
Module Version ID 8a99acc7-637c-4f61-8c51-19a4c60756bc
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments g2emncao3dx
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 14.12.10.2
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Application Server Command Administration Interface
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 5632
EntryPoint 0x7200a
OriginalFileName ogb.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2018 Crown Cork & Seal Co. Inc.
FileVersion 14.12.10.2
TimeStamp 2017:09:01 15:36:42+02:00
FileType Win32 EXE
PEType PE32
InternalName ogb.exe
ProductVersion 14.12.10.2
UninitializedDataSize 0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Crown Cork & Seal Co. Inc.
CodeSize 431104
ProductName Application Server Command Administration Interface
ProductVersionNumber 14.12.10.2
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 0.0.0.0
File identification
MD5 9ac2037a17063eea104f6a0f11238776
SHA1 f7033d28b4670182c99a9e00aaa49b254b938c33
SHA256 eb60544246eca1daac8d3a11320bc41876481aea8323324fbf9e4a74981e9958
ssdeep 12288:fBXx9K7Yd18LDcdTBsz8b7OAZUqBswhbws4:fBB9KUz8LDcMQbhuoEs4
authentihash 379a274a7a19524020ac63b04a2eb3ce541fea22b2e1ecba05ba66a5a6f74e09
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 427.5 KB ( 437760 bytes )
Type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe assembly
VirusTotal metadata
First submission 2018-06-12 09:04:05 UTC (11 months, 2 weeks ago)
Last submission 2018-07-26 11:03:12 UTC (10 months ago)
Names output.113435747.txt
output.113432586.txt
ogb.exe
DVBNMHJYTRE3W456U (14).EXE
9ac2037a17063eea104f6a0f11238776
output.113435606.txt
output.113432585.txt
officess.gxe
a2dafbeb06779bb2bad65d3f66f24b10fecc6bb8