× 쿠키가 비활성화 되어 있습니다! 이 사이트는 작업을 제대로 하려면 쿠키 활성화가 필요합니다.
SHA256: 8e273948a179077e2a8187be95bd2458fb3f2d71590686237887794272e1d32a
파일 이름: cbust.exe
탐지 비율: 5 / 56
분석 날짜: 2015-10-14 02:05:04 UTC ( 3년, 7개월 전 ) 최신 보기
안티바이러스 결과 업데이트
Avast Win32:Malware-gen 20151014
ESET-NOD32 a variant of MSIL/Kryptik.DHC 20151014
Ikarus Trojan.MSIL.Crypt 20151014
Kaspersky Trojan.Win32.Inject.vjps 20151014
McAfee-GW-Edition BehavesLike.Win32.BackdoorNJRat.ch 20151014
Ad-Aware 20151014
AegisLab 20151013
Yandex 20151014
AhnLab-V3 20151013
Alibaba 20151013
ALYac 20151014
Antiy-AVL 20151014
Arcabit 20151014
AVG 20151013
Avira (no cloud) 20151014
AVware 20151013
Baidu-International 20151013
BitDefender 20151014
Bkav 20151013
ByteHero 20151014
CAT-QuickHeal 20151013
ClamAV 20151013
CMC 20151012
Comodo 20151014
Cyren 20151014
DrWeb 20151014
Emsisoft 20151014
F-Prot 20151014
F-Secure 20151014
Fortinet 20151013
GData 20151014
Jiangmin 20151013
K7AntiVirus 20151013
K7GW 20151013
Kingsoft 20151014
Malwarebytes 20151014
McAfee 20151014
Microsoft 20151014
eScan 20151014
NANO-Antivirus 20151014
nProtect 20151013
Panda 20151013
Qihoo-360 20151014
Rising 20151013
Sophos AV 20151014
SUPERAntiSpyware 20151014
Symantec 20151013
Tencent 20151014
TheHacker 20151012
TrendMicro 20151014
TrendMicro-HouseCall 20151014
VBA32 20151013
VIPRE 20151013
ViRobot 20151014
Zillya 20151013
Zoner 20151014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-12 16:43:32
Entry Point 0x00020C8E
Number of sections 3
.NET details
Module Version ID fef73283-22eb-4e19-9bd7-606e33482a1b
TypeLib ID 562c9844-b13d-40f1-95e1-1be8db723e50
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2015:10:12 18:43:32+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
126976

LinkerVersion
8.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x20c8e

InitializedDataSize
8192

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 20d2152087c6aeb522bce6883794746e
SHA1 b4d4b7c7ed7bfd7ac253327246429498777cc57c
SHA256 8e273948a179077e2a8187be95bd2458fb3f2d71590686237887794272e1d32a
ssdeep
3072:rX+Ng8cJ4Dv3dX9u1QK2uF/Fk2Pi1pgY+TyMPbiF0xPt:7scJENKtLPq+Y+dk0B

authentihash 8ccaf5257c8b4b9aaf18c2600a096efa4c895b58a70695ad957c0c8ec9f2bd8f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 136.0 KB ( 139264 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (61.0%)
Win64 Executable (generic) (22.9%)
Win32 Dynamic Link Library (generic) (5.4%)
Win32 Executable (generic) (3.7%)
Win16/32 Executable Delphi generic (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-10-14 02:05:04 UTC ( 3년, 7개월 전 )
Last submission 2019-01-18 16:24:57 UTC ( 4개월 전 )
파일 이름 {B0CC5661-512C-435A-8755-12B6A9154A70}
RAT_247financedeal.com.exe
cbust.exe
댓글이 없습니다.. 이 항목에 대해 댓글을 작성한 바이러스토탈 커뮤니티 회원이 아직 없습니다. 첫 번째로 댓글을 작성해 보십시오!

댓글 남기기...

?
댓글 달기

로그인 안됨. 등록된 사용자만 댓글을 남길 수 있습니다. 로그인하여 댓글을 남겨보십시오!

투표가 없습니다.. 아직 이 항목에 투표한 사람이 없습니다. 첫 번째로 투표해 보십시오!