× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: cf68b4c1ebccd10f7336a02338dac1159b7cf4014cfa35008295d32ba8c0d567
Nom du fichier : DVT_KeyMaker.exe
Ratio de détection : 7 / 54
Date d'analyse : 2016-08-24 11:52:45 UTC (il y a 2 ans, 1 mois) Voir les derniers
Antivirus Résultat Mise à jour
AegisLab Troj.W32.Gen.mbZm 20160824
AVG MSIL.CC 20160824
Ikarus Trojan.Win32.Agent 20160824
McAfee Artemis!45FED9BC3DAF 20160824
McAfee-GW-Edition BehavesLike.Win32.Ransom.tc 20160824
Symantec Heur.AdvML.B 20160824
VBA32 TrojanDropper.Dapato 20160823
Ad-Aware 20160824
AhnLab-V3 20160824
Alibaba 20160824
ALYac 20160824
Antiy-AVL 20160824
Arcabit 20160824
Avast 20160824
Avira (no cloud) 20160824
AVware 20160824
Baidu 20160824
BitDefender 20160824
Bkav 20160823
CAT-QuickHeal 20160824
ClamAV 20160824
CMC 20160824
Comodo 20160824
Cyren 20160824
DrWeb 20160824
Emsisoft 20160824
ESET-NOD32 20160824
F-Prot 20160824
F-Secure 20160824
Fortinet 20160824
GData 20160824
Jiangmin 20160824
K7AntiVirus 20160824
K7GW 20160824
Kaspersky 20160824
Kingsoft 20160824
Malwarebytes 20160824
Microsoft 20160824
eScan 20160824
NANO-Antivirus 20160824
nProtect 20160824
Panda 20160823
Qihoo-360 20160824
Rising 20160824
Sophos AV 20160824
SUPERAntiSpyware 20160823
Tencent 20160824
TheHacker 20160824
TrendMicro 20160824
TrendMicro-HouseCall 20160824
VIPRE 20160824
ViRobot 20160824
Zillya 20160820
Zoner 20160824
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2013

Product WindowsApplication1
Original name DVT_KeyMaker.exe
Internal name DVT_KeyMaker.exe
File version 1.0.0.0
Description WindowsApplication1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-09 18:58:19
Entry Point 0x00002E5E
Number of sections 3
.NET details
Module Version ID c5640d5e-8efa-46f3-a304-3d9550f26f27
PE sections
Overlays
MD5 0bf5506bff7ee0c7e4af3c42134e51a5
File type application/x-locale
Offset 15872
Size 1205006
Entropy 7.70
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
WindowsApplication1

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
1536

EntryPoint
0x2e5e

OriginalFileName
DVT_KeyMaker.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013

FileVersion
1.0.0.0

TimeStamp
2010:12:09 19:58:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
DVT_KeyMaker.exe

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
4096

ProductName
WindowsApplication1

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 45fed9bc3daf746bce640be98f1e2f10
SHA1 1f21724312eeced04effec7810be6c3b1f20b683
SHA256 cf68b4c1ebccd10f7336a02338dac1159b7cf4014cfa35008295d32ba8c0d567
ssdeep

authentihash 99806a420a3032cdcea12ddc4ae8ddadfa6d639a9e9adbd4b113a5f24f84f89e
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 1.2 MB ( 1220878 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe overlay

VirusTotal metadata
First submission 2015-10-18 03:02:20 UTC (il y a 2 ans, 12 mois)
Last submission 2018-10-06 10:20:28 UTC (il y a 1 semaine, 2 jours)
Noms du fichier DVT_KeyMaker.exe
DVT_KeyMaker.exe
dvt_keymaker.exe
DVT_KeyMaker_.exe
DVT_KeyMaker.exe
DVT_KeyMaker.exe
DVT_KeyMaker.exe
dvt_keymaker.exe
DVT_KeyMaker.exe
DVT_KeyMaker.exe
DVT_KeyMaker.exe._back
DVT_KeyMaker.exe
DVT_KeyMaker.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V1218.

Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !