× Kolačići su onemogućeni. Ovo web-mesto zahtijeva kolačiće kako bi normalno funkcioniralo
SHA256: 96716cf198502bdeeb0c0fccd8d01e46bccb2d03eaf0537d16f51851333d5247
Ime datoteke: gfRWfwxH.exe
Omjer otkrivanja: 40 / 52
Datum analize: 2015-12-18 08:12:18 UTC (prije 1 godina, 6 mjeseci)
Antivirus Rezultat Ažuriranje
Ad-Aware Gen:Variant.Zusy.156821 20151219
Yandex Trojan.Inject!2n3KPLudVaQ 20151218
AhnLab-V3 Win-Trojan/Xema.658432.B 20151218
Antiy-AVL Trojan/MSIL.Inject 20151219
Arcabit Trojan.Zusy.D26495 20151219
Avast Win32:Malware-gen 20151219
AVG Crypt4.BWJN 20151219
Avira (no cloud) TR/Dropper.MSIL.184850 20151219
AVware Trojan.Win32.Generic!BT 20151219
Baidu-International Trojan.MSIL.Inject.clzg 20151218
BitDefender Gen:Variant.Zusy.156821 20151219
Bkav HW32.Packed.8D70 20151218
CAT-QuickHeal TrojanSpy.Golroted.r3 20151219
Comodo UnclassifiedMalware 20151219
Cyren W32/MSIL_Injector.AH.gen!Eldorado 20151219
DrWeb Tool.PassView.849 20151219
Emsisoft Gen:Variant.Zusy.156821 (B) 20151219
ESET-NOD32 a variant of MSIL/Injector.LKL 20151219
F-Prot W32/MSIL_Injector.AH.gen!Eldorado 20151219
F-Secure Gen:Variant.Zusy.156821 20151218
Fortinet MSIL/Kryptik.DHJ!tr 20151219
GData Gen:Variant.Zusy.156821 20151219
Ikarus Worm.Agent 20151219
Jiangmin Trojan/MSIL.ggft 20151219
K7AntiVirus Trojan ( 004cd2091 ) 20151219
K7GW Trojan ( 004cd2091 ) 20151219
Kaspersky HEUR:Trojan.Win32.Generic 20151219
Malwarebytes Backdoor.Bot 20151219
McAfee RDN/Generic PWS.y 20151219
McAfee-GW-Edition BehavesLike.Win32.Trojan.jc 20151219
Microsoft TrojanSpy:MSIL/Golroted.B 20151219
eScan Gen:Variant.Zusy.156821 20151219
NANO-Antivirus Riskware.Win32.PassView.dvgovm 20151219
Panda Trj/CI.A 20151218
Sophos Troj/MSIL-EAJ 20151219
Symantec Infostealer.Limitail 20151217
TrendMicro TSPY_LIMITAIL.XXTXV 20151219
TrendMicro-HouseCall TSPY_LIMITAIL.XXTXV 20151219
VIPRE Trojan.Win32.Generic!BT 20151219
Zillya Trojan.Inject.Win32.176001 20151218
AegisLab 20151219
Alibaba 20151208
ByteHero 20151219
ClamAV 20151217
CMC 20151217
Rising 20151218
SUPERAntiSpyware 20151219
TheHacker 20151218
TotalDefense 20151219
VBA32 20151218
ViRobot 20151219
Zoner 20151219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
All rights reserved (C) 2015

Product Please change this line too
Original name gfRWfwxH.exe
Internal name gfRWfwxH.exe
File version 7.0.0.1
Description Please change this line. Thank you.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-08-14 08:25:44
Entry Point 0x000A21EE
Number of sections 3
.NET details
Module Version ID d0f683ad-0337-4c51-8eff-438188f496b3
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
7.0.0.1

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
2048

EntryPoint
0xa21ee

OriginalFileName
gfRWfwxH.exe

MIMEType
application/octet-stream

LegalCopyright
All rights reserved (C) 2015

FileVersion
7.0.0.1

TimeStamp
2015:08:14 09:25:44+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
gfRWfwxH.exe

ProductVersion
7.0.0.1

FileDescription
Please change this line. Thank you.

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
655872

ProductName
Please change this line too

ProductVersionNumber
7.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
7.0.0.1

Compressed bundles
File identification
MD5 ea0995d9e52a436e80b9ad341ff4ee62
SHA1 0601740b14494a983ed0281f34443b439855724c
SHA256 96716cf198502bdeeb0c0fccd8d01e46bccb2d03eaf0537d16f51851333d5247
ssdeep
12288:KXFD5zOofkmg5SdX9v70teWfKyLS8LyFy/ulNPHoONktr/aQK7yF4sWC:KVdOofkmacQKyLS8LyFy2lNTNkJ/aDyD

authentihash 3b73e87dd038eb28d70c56664bba7b98c2b306eb735205bd0766d762c258393c
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 643.0 KB ( 658432 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-08-14 10:26:54 UTC (prije 1 godina, 10 mjeseci)
Last submission 2015-08-17 01:04:52 UTC (prije 1 godina, 10 mjeseci)
Imena datoteka gfRWfwxH.exe
Overdue Invoice Documents for payment 082015.exe
Advanced heuristic and reputation engines
TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: TROJ_GEN.R0CCC0DHG15.

Nema komentara.. Nijedan član zajednice VirusTotala još nije prokomentirao ovu stavku. Budite prvi koji će to napraviti!

Ostavite komentar…

?
Postavi komentar

Niste prijavljeni. Samo registrirani korisnici mogu ostavljati komentare. Otvorite račun i razglasite se!

Nema glasova.. Još nitko nije glasovao za ovu stavku. Budite prvi koji će to napraviti!