× Cookies estão desativados! Este site requer que os cookies estejam habilitados para funcionar corretamente
SHA256: 7aa126558898f0105863589858fbc7d61285503ca3d298b032d4a3e7a03db698
Nome do arquivo: 20cf30bced49.exe
Taxa de detecção: 12 / 56
Data da análise: 2015-10-12 22:39:53 UTC ( 2 anos, 1 mês atrás ) Visualizar últimos
Antivírus Resultado Atualização
Ad-Aware Gen:Variant.Kazy.466940 20151012
ALYac Gen:Variant.Kazy.466940 20151012
Arcabit Trojan.Kazy.D71FFC 20151012
Baidu-International Hacktool.MSIL.DllInject.LN 20151012
BitDefender Gen:Variant.Kazy.466940 20151012
Emsisoft Gen:Variant.Kazy.466940 (B) 20151012
ESET-NOD32 a variant of MSIL/DllInject.LN potentially unsafe 20151012
F-Secure Gen:Variant.Kazy.466940 20151012
GData Gen:Variant.Kazy.466940 20151012
K7AntiVirus Trojan ( 700000121 ) 20151012
K7GW Trojan ( 700000121 ) 20151010
eScan Gen:Variant.Kazy.466940 20151012
AegisLab 20151012
Yandex 20151012
AhnLab-V3 20151012
Alibaba 20151012
Antiy-AVL 20151012
Avast 20151012
AVG 20151012
Avira (no cloud) 20151012
AVware 20151012
Bkav 20151012
ByteHero 20151012
CAT-QuickHeal 20151012
ClamAV 20151012
CMC 20151012
Comodo 20151012
Cyren 20151012
DrWeb 20151012
F-Prot 20151012
Fortinet 20151012
Ikarus 20151012
Jiangmin 20151012
Kaspersky 20151012
Kingsoft 20151012
Malwarebytes 20151012
McAfee 20151012
McAfee-GW-Edition 20151012
Microsoft 20151012
NANO-Antivirus 20151012
nProtect 20151012
Panda 20151012
Qihoo-360 20151012
Rising 20151012
Sophos AV 20151012
SUPERAntiSpyware 20151012
Symantec 20151012
Tencent 20151012
TheHacker 20151012
TrendMicro 20151012
TrendMicro-HouseCall 20151012
VBA32 20151012
VIPRE 20151012
ViRobot 20151012
Zillya 20151012
Zoner 20151012
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
NARUTO

Publisher SHIKAMARU
Product CHOTICH
Original name jutsoclonedasombras.exe
Internal name jutsoclonedasombras.exe
File version 3.1.0.0
Description RLHACK
Comments KAKASHI HATAKI
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-12 21:47:50
Entry Point 0x0002F6CE
Number of sections 3
.NET details
Module Version ID 46489b4d-c9ce-41a3-8cc6-d76fb6ad501d
TypeLib ID e6b77c88-abeb-4e19-b94f-bb4270d61859
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
INO

SubsystemVersion
6.0

Comments
KAKASHI HATAKI

LinkerVersion
11.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.1.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
RLHACK

CharacterSet
Unicode

InitializedDataSize
70144

EntryPoint
0x2f6ce

OriginalFileName
jutsoclonedasombras.exe

MIMEType
application/octet-stream

LegalCopyright
NARUTO

FileVersion
3.1.0.0

TimeStamp
2015:10:12 22:47:50+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
jutsoclonedasombras.exe

ProductVersion
3.1.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
SHIKAMARU

CodeSize
186368

ProductName
CHOTICH

ProductVersionNumber
3.1.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.1.0.0

File identification
MD5 a68989205f4d3252fe6f599ca60d5fa5
SHA1 6a60765f47eda4353d8171f54788940acdf38da8
SHA256 7aa126558898f0105863589858fbc7d61285503ca3d298b032d4a3e7a03db698
ssdeep
3072:mPXHaA/MUnLeOYjYp43NcQNSubrJ75MEYFKrIa:4KAEUnLCjrJSuHYkd

authentihash f8f7be9a94d57558187c4fcc3d61a06ea4d6120f7a1ce2877d8bce7b7378431e
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 251.0 KB ( 257024 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (63.1%)
Win64 Executable (generic) (23.8%)
Win32 Dynamic Link Library (generic) (5.6%)
Win32 Executable (generic) (3.8%)
Generic Win/DOS Executable (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-10-12 22:39:53 UTC ( 2 anos, 1 mês atrás )
Last submission 2015-10-12 22:39:53 UTC ( 2 anos, 1 mês atrás )
Nomes do arquivo 20cf30bced49.exe
jutsoclonedasombras.exe
Sem comentários. Ainda nenhum membro da Comunidade VirusTotal comentou este item, seja o primeiro!

Deixe o seu comentário...

?
Postar comentário

Você ainda não entrou. Apenas usuários registrados podem comentar, entre e expresse-se!

Sem votos. Ainda nenhum usuário votou neste item, seja o primeiro!