× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: ded141ce1a79bc8c9db5fafb1bcf92a31f3da43fd1edf2bedf3f014f3dc017ae
Nom du fichier : ded141ce1a79bc8c9db5fafb1bcf92a31f3da43fd1edf2bedf3f014f3dc017ae_...
Ratio de détection : 44 / 68
Date d'analyse : 2018-10-10 18:29:30 UTC (il y a 2 mois, 1 semaine)
Antivirus Résultat Mise à jour
Ad-Aware Gen:Variant.Ursu.302063 20181010
AhnLab-V3 Malware/Gen.Generic.C2738596 20181010
ALYac Trojan.Agent.Delf.Krypt 20181010
Antiy-AVL Trojan/Win32.Delf 20181010
Arcabit Trojan.Ursu.D49BEF 20181010
Avast Win32:Trojan-gen 20181010
AVG Win32:Trojan-gen 20181010
Avira (no cloud) TR/Delf.lyqun 20181010
BitDefender Gen:Variant.Ursu.302063 20181010
Bkav W32.HfsAutoB. 20181009
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20181010
Cyren W32/Trojan.KBLA-1626 20181010
DrWeb Trojan.DownLoader13.38206 20181010
Emsisoft Gen:Variant.Ursu.302063 (B) 20181010
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Injector.EATS 20181010
F-Secure Gen:Variant.Ursu.302063 20181010
Fortinet W32/Fareit.A 20181010
GData Gen:Variant.Ursu.302063 20181010
Ikarus Trojan.Win32.Themida 20181010
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0040f4ef1 ) 20181010
K7GW Trojan ( 0040f4ef1 ) 20181010
Kaspersky Trojan.Win32.Delf.tflp 20181010
Malwarebytes Trojan.MalPack 20181010
McAfee Artemis!CC43A4231B6E 20181010
McAfee-GW-Edition BehavesLike.Win32.Trojan.tc 20181010
Microsoft Trojan:Win32/Skeeyah.A!rfn 20181010
eScan Gen:Variant.Ursu.302063 20181010
NANO-Antivirus Trojan.Win32.Delf.fipzyj 20181010
Palo Alto Networks (Known Signatures) generic.ml 20181010
Panda Trj/CI.A 20181010
Qihoo-360 Win32/Trojan.8d2 20181010
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/Generic-S 20181010
Symantec Trojan.Gen.2 20181010
Tencent Win32.Trojan.Delf.Szlb 20181010
TrendMicro TROJ_GEN.R002C0DJ318 20181010
TrendMicro-HouseCall TROJ_GEN.R002C0DJ318 20181010
VBA32 Trojan.Delf 20181010
ViRobot Trojan.Win32.Z.Ursu.2001408 20181010
Webroot W32.Delf.tflp 20181010
ZoneAlarm by Check Point Trojan.Win32.Delf.tflp 20181010
AegisLab 20181010
Alibaba 20180921
Avast-Mobile 20181010
Babable 20180918
Baidu 20181010
CAT-QuickHeal 20181008
ClamAV 20181010
CMC 20181010
Comodo 20181010
Cybereason 20180225
eGambit 20181010
F-Prot 20181010
Jiangmin 20181009
Kingsoft 20181010
MAX 20181010
Rising 20181010
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181010
TheHacker 20181008
TotalDefense 20181010
Trustlook 20181010
VIPRE 20181010
Yandex 20181010
Zillya 20181010
Zoner 20181010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(C) 2016 philandro Software GmbH

Product AnyDesk
File version 3.2.4.0
Description AnyDesk
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x004BF000
Number of sections 6
PE sections
PE imports
Number of PE resources by type
RT_RCDATA 28
RT_BITMAP 28
RT_STRING 16
RT_GROUP_CURSOR 7
RT_CURSOR 7
IMAGE 1
RT_MANIFEST 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 64
RUSSIAN 26
GERMAN 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

InitializedDataSize
376832

ImageVersion
0.0

ProductName
AnyDesk

FileVersionNumber
3.2.4.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Windows, Latin1

LinkerVersion
2.25

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
3.2.4.0

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
3.2

FileDescription
AnyDesk

OSVersion
4.0

FileOS
Unknown (0)

LegalCopyright
(C) 2016 philandro Software GmbH

MachineType
Intel 386 or later, and compatibles

CompanyName
philandro Software GmbH

CodeSize
473088

FileSubtype
0

ProductVersionNumber
0.0.0.0

Warning
Possibly corrupt Version resource

EntryPoint
0x4bf000

ObjectFileType
Executable application

File identification
MD5 cc43a4231b6e5ab0ca6fd235d9d67ba0
SHA1 646774f5adb8ca49867d81ad831d85bafd6ad45d
SHA256 ded141ce1a79bc8c9db5fafb1bcf92a31f3da43fd1edf2bedf3f014f3dc017ae
ssdeep
49152:D+shS3wG8hZHb7tH3oM041s6rI1kouSmw1v:ysCLuXoMVi6rfY95

authentihash f6395d06cb8afd4dbbb37dcb394ae52db43c9fee4b5ab7a0f72e1b596c8be148
imphash 2eabe9054cad5152567f0699947a2c5b
File size 1.9 MB ( 2001408 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (35.7%)
Win16/32 Executable Delphi generic (16.4%)
OS/2 Executable (generic) (16.0%)
Generic Win/DOS Executable (15.8%)
DOS Executable Generic (15.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-01 05:35:38 UTC (il y a 2 mois, 2 semaines)
Last submission 2018-10-01 21:36:22 UTC (il y a 2 mois, 2 semaines)
Noms du fichier tkk.exe
ded141ce1a79bc8c9db5fafb1bcf92a31f3da43fd1edf2bedf3f014f3dc017ae_tkk.exe
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Copied files
Deleted files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs