SHA256: f775ad9a60a870b85e37540320d3c844c2dc7d52916f4b1a302da4e772de12d0
File name: a662d942f0e43474984766197288845b
Detection ratio: 28 / 66
Analysis date: 2018-02-13 19:13:09 UTC (1 year, 3 months ago)
Antivirus Result Update
Ad-Aware Trojan.Generic.22553396 20180213
AegisLab Filerepmalware.Gen!c 20180213
ALYac Trojan.Generic.22553396 20180213
Arcabit Trojan.Generic.D1582334 20180213
Avast FileRepMalware 20180213
AVG FileRepMalware 20180213
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9819 20180208
CAT-QuickHeal Trojan.IGENERIC 20180213
CrowdStrike Falcon (ML) malicious_confidence_80% (W) 20170201
Cylance Unsafe 20180213
Emsisoft Trojan.Generic.22553396 (B) 20180213
ESET-NOD32 MSIL/Agent.AYW 20180213
F-Secure Trojan.Generic.22553396 20180213
GData Trojan.Generic.22553396 20180213
Ikarus Trojan.MSIL.Agent 20180213
K7AntiVirus Trojan ( 0051848f1 ) 20180213
K7GW Trojan ( 0051848f1 ) 20180213
Kaspersky HEUR:Trojan-Spy.Win32.TeleBot.a 20180213
MAX malware (ai score=82) 20180213
McAfee GenericRXDC-JV!A662D942F0E4 20180213
McAfee-GW-Edition GenericRXDC-JV!A662D942F0E4 20180213
eScan Trojan.Generic.22553396 20180213
Sophos AV Mal/Generic-S 20180213
Symantec Trojan.Gen.2 20180213
TrendMicro TROJ_GEN.R002C0PBD18 20180213
TrendMicro-HouseCall TROJ_GEN.R002C0PBD18 20180213
VBA32 Trojan.MSIL.gen.b.7 20180213
ZoneAlarm by Check Point HEUR:Trojan-Spy.Win32.TeleBot.a 20180213
AhnLab-V3 20180213
Alibaba 20180209
Antiy-AVL 20180213
Avast-Mobile 20180213
Avira (no cloud) 20180213
AVware 20180210
Bkav 20180212
ClamAV 20180213
CMC 20180213
Comodo 20180213
Cybereason 20180205
Cyren 20180213
DrWeb 20180213
eGambit 20180213
Endgame 20171130
F-Prot 20180213
Fortinet 20180213
Sophos ML 20180121
Jiangmin 20180213
Kingsoft 20180213
Malwarebytes 20180213
Microsoft 20180213
NANO-Antivirus 20180213
nProtect 20180213
Palo Alto Networks (Known Signatures) 20180213
Panda 20180213
Qihoo-360 20180213
Rising 20180213
SentinelOne (Static ML) 20180115
SUPERAntiSpyware 20180213
Symantec Mobile Insight 20180212
Tencent 20180213
TheHacker 20180213
TotalDefense 20180213
Trustlook 20180213
VIPRE 20180213
ViRobot 20180213
Webroot 20180213
WhiteArmor 20180205
Yandex 20180213
Zillya 20180213
Zoner 20180213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright Microsoft© 2007

Product drwTask
Original name BotNet.exe
Internal name BotNet.exe
File version 1.0.0.0
Description Процесс для служб выполнения задач Windows
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-08 18:27:17
Entry Point 0x000C58EE
Number of sections 3
.NET details
Module Version ID e32dfc5c-affd-4350-bc39-0e6d6b6d3096
TypeLib ID af624652-decf-425b-b3fd-93f38d83cc62
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
Windows

ImageFileCharacteristics
Executable

CharacterSet
Unicode

InitializedDataSize
70144

EntryPoint
0xc58ee

OriginalFileName
BotNet.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft 2007

FileVersion
1.0.0.0

TimeStamp
2017:03:08 19:27:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
BotNet.exe

ProductVersion
1.0.0.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
801280

ProductName
drwTask

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 a662d942f0e43474984766197288845b
SHA1 31bf7b6e231bf0f143bb9ed6eba1b36f12aea00c
SHA256 f775ad9a60a870b85e37540320d3c844c2dc7d52916f4b1a302da4e772de12d0
ssdeep
24576:xPqIrAeOQKNKKKKKKKKKKKKKKKKKuKKKKKeKKKKKFVoSLp9AD0t6Q4Y91UDoqOAG:5AeOQKNKKKKKKKKKKKKKKKKKuKKKKKes

authentihash 69f295aee347eb24a54f2b71b5668781714e07eb0de46b3f251ffb1c41b3b1df
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 851.5 KB ( 871936 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-06-25 17:44:11 UTC (1 year, 10 months ago)
Last submission 2018-05-28 06:09:43 UTC (11 months, 3 weeks ago)
File names BotNet.exe
a662d942f0e43474984766197288845b
VirusShare_a662d942f0e43474984766197288845b
a662d942f0e43474984766197288845b
%24RM1LWBF.JPG