SHA256: 28b3faf320f36b9da1a24449608f6bf0f56b87b1889aabfa1950d12056300c47
File name: 28b3faf320f36b9da1a24449608f6bf0f56b87b1889aabfa1950d12056300c47
Detection ratio: 35 / 60
Analysis date: 2017-03-12 10:06:21 UTC (2 years, 2 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.146266 20170312
AegisLab Troj.Banker.W32!c 20170312
ALYac Gen:Variant.Razy.146266 20170311
Arcabit Trojan.Razy.D23B5A 20170312
Avast Win32:Rootkit-gen [Rtk] 20170312
AVG Crypt7.KAL 20170312
Avira (no cloud) TR/Crypt.Xpack.abezu 20170312
AVware Trojan.Win32.Generic!BT 20170312
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170311
BitDefender Gen:Variant.Razy.146266 20170312
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170130
Emsisoft Gen:Variant.Razy.146266 (B) 20170312
Endgame malicious (high confidence) 20170222
ESET-NOD32 a variant of Win32/Kryptik.FPNV 20170312
F-Secure Gen:Variant.Razy.146266 20170312
Fortinet W32/CoreBot.DS!tr 20170311
GData Gen:Variant.Razy.146266 20170312
Ikarus Trojan.Win32.Crypt 20170312
Sophos ML backdoor.win32.vawtrak.f 20170203
K7GW Trojan ( 005084641 ) 20170311
Kaspersky Trojan-Banker.Win32.CoreBot.ds 20170312
Malwarebytes Trojan.Dridex 20170312
McAfee Artemis!D6788B1D5003 20170312
McAfee-GW-Edition BehavesLike.Win32.Ramnit.ch 20170312
Microsoft TrojanSpy:Win32/Banker 20170312
eScan Gen:Variant.Razy.146266 20170312
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20170312
Rising Malware.Generic.2!tfe (cloud:7wObwOmdYPS) 20170312
Sophos AV Mal/Generic-S 20170312
Symantec Trojan.Gen.2 20170311
Tencent Win32.Trojan.Kryptik.Wrgi 20170312
TrendMicro-HouseCall TROJ_GEN.R00JH09CA17 20170312
VIPRE Trojan.Win32.Generic!BT 20170312
Webroot Malicious 20170312
ZoneAlarm by Check Point Trojan-Banker.Win32.CoreBot.ds 20170312
AhnLab-V3 20170311
Alibaba 20170228
Antiy-AVL 20170312
CAT-QuickHeal 20170311
ClamAV 20170312
CMC 20170312
Comodo 20170312
Cyren 20170312
DrWeb 20170312
F-Prot 20170312
Jiangmin 20170312
K7AntiVirus 20170312
Kingsoft 20170312
NANO-Antivirus 20170312
nProtect 20170312
Palo Alto Networks (Known Signatures) 20170312
Panda 20170312
SUPERAntiSpyware 20170312
TheHacker 20170311
TotalDefense 20170312
TrendMicro 20170312
Trustlook 20170312
VBA32 20170310
ViRobot 20170311
WhiteArmor 20170303
Yandex 20170311
Zillya 20170310
Zoner 20170312
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name CertReq.exe
Internal name CertReq.exe
File version 6.1.7603.16385 (win7_rtm.090713-1255)
Description CertReq.exe
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-07 23:15:40
Entry Point 0x0000D3F0
Number of sections 11
PE sections
PE imports
ClusterResourceTypeCloseEnum
GetComputerNameW
AddVectoredExceptionHandler
GetCurrentProcessId
GetCurrencyFormatA
GlobalFree
LockResource
SetConsoleActiveScreenBuffer
GetTickCount
FreeConsole
GetCommandLineA
SetFirmwareEnvironmentVariableA
GetProcAddress
SetComputerNameA
GetModuleHandleW
FoldStringW
StrStrIA
DrawFocusRect
GetProcessWindowStation
GetKeyboardLayoutList
PdhGetLogFileSize
Number of PE resources by type
RT_ICON 2
RT_GROUP_ICON 1
MUI 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 6
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
133632

ImageVersion
0.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
6.1.7600.16385

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
CertReq.exe

CharacterSet
Unicode

LinkerVersion
4.0

FileTypeExtension
exe

OriginalFileName
CertReq.exe

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
6.1.7603.16385 (win7_rtm.090713-1255)

TimeStamp
2017:03:08 00:15:40+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
CertReq.exe

ProductVersion
6.1.7603.16385

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
50688

FileSubtype
0

ProductVersionNumber
6.1.7600.16385

EntryPoint
0xd3f0

ObjectFileType
Executable application

File identification
MD5 d6788b1d500307dd5affc5c27ae1bdbc
SHA1 2d97d28150ae90007ea6c4e1ed72978bf708914f
SHA256 28b3faf320f36b9da1a24449608f6bf0f56b87b1889aabfa1950d12056300c47
ssdeep 3072:ArlEJ5+iKVBeT3N6P27fQJs3jaxwDCTngfC8taNUPa9VAgSBpVXR4aU:AYSS38C3jJSngaI8+aHpOL4B
authentihash c79270c3e03756f799ab12f69d90a071e504c2d15891e01da32ef2f13f2d87a6
imphash 218848ba01c002aad075e08cace8ec49
File size 167.8 KB ( 171820 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.6%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
VXD Driver (0.2%)
Tags peexe
VirusTotal metadata
First submission 2017-03-12 07:26:09 UTC (2 years, 2 months ago)
Last submission 2017-03-12 10:06:21 UTC (2 years, 2 months ago)
File names d6788b1d500307dd5affc5c27ae1bdbc.virus
CertReq.exe