× В вашем браузере отключены куки (cookie). Для полноценной работы сайта необходимо включить сохранение файлов cookie.
SHA256: fcb54010c958d5c724ae52de1980b81c829c05b842b81834bcd23c0c2a9a4c46
Имя файла: NB_CF_HACK.exe
Показатель выявления: 4 / 56
Дата анализа: 2015-10-18 18:36:46 UTC (3 лет, 1 месяц назад) Показать последний анализ
Антивирус Результат Дата обновления
Avira (no cloud) TR/Crypt.TPM.Gen 20151018
Bkav W32.HfsAutoB.774E 20151017
ESET-NOD32 a variant of Win32/Packed.Themida suspicious 20151018
Rising PE:Malware.RDM.10!5.10[F1] 20151018
Ad-Aware 20151018
AegisLab 20151018
Yandex 20151017
AhnLab-V3 20151018
Alibaba 20151016
ALYac 20151018
Antiy-AVL 20151018
Arcabit 20151018
Avast 20151018
AVG 20151018
AVware 20151018
Baidu-International 20151018
BitDefender 20151018
ByteHero 20151018
CAT-QuickHeal 20151017
ClamAV 20151018
CMC 20151016
Comodo 20151018
Cyren 20151018
DrWeb 20151018
Emsisoft 20151018
F-Prot 20151018
F-Secure 20151017
Fortinet 20151018
GData 20151018
Ikarus 20151018
Jiangmin 20151017
K7AntiVirus 20151018
K7GW 20151018
Kaspersky 20151018
Kingsoft 20151018
Malwarebytes 20151018
McAfee 20151018
McAfee-GW-Edition 20151018
Microsoft 20151018
eScan 20151018
NANO-Antivirus 20151018
nProtect 20151016
Panda 20151018
Qihoo-360 20151018
Sophos AV 20151018
SUPERAntiSpyware 20151018
Symantec 20151018
Tencent 20151018
TheHacker 20151018
TrendMicro 20151018
TrendMicro-HouseCall 20151018
VBA32 20151016
VIPRE 20151018
ViRobot 20151018
Zillya 20151018
Zoner 20151018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright ©

Product CF_MiniZM
Original name jf_simpleWOT.exe
Internal name jf_simpleWOT.exe
File version 1.1.0.0
Description CF_MiniZM
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-18 18:31:09
Entry Point 0x0043C000
Number of sections 6
PE sections
PE imports
InitCommonControls
Number of PE resources by type
RT_ICON 10
RT_MANIFEST 1
RT_VERSION 1
RT_RCDATA 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 14
PE resources
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
649728

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
9.0

EntryPoint
0x43c000

OriginalFileName
jf_simpleWOT.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright

FileVersion
1.1.0.0

TimeStamp
2015:10:18 19:31:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
jf_simpleWOT.exe

ProductVersion
1.1.0.0

FileDescription
CF_MiniZM

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
wjtr

CodeSize
104448

ProductName
CF_MiniZM

ProductVersionNumber
1.1.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.1.0.0

File identification
MD5 f75035529ac181c2e2a5d37593adad4b
SHA1 a084787c2015fc0d909f5103b240890266ea21e5
SHA256 fcb54010c958d5c724ae52de1980b81c829c05b842b81834bcd23c0c2a9a4c46
ssdeep
49152:8JPya7wB2IVcJqP+NfhY/LsVKx1KQmwLJ3q7POaCJV3k58:MM2Jq02/LElQPaCaCJVU58

authentihash d651812e2e813d7a498e121f8764cdaa355106cc23f2e1fac6048a7bdac04ddc
imphash baa93d47220682c04d92f7797d9224ce
Размер файла 2.1 MБ ( 2190848 bytes )
Тип файла Win32 EXE
Описание
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Tags
peexe

VirusTotal metadata
First submission 2015-10-18 18:36:46 UTC (3 лет, 1 месяц назад)
Last submission 2015-12-30 10:55:10 UTC (2 лет, 10 месяцев назад)
Имена файлов NB_CF_HACK.exe
nb cf hack1
NB CF HACK.exe
nb cf hack.exe
jf_simpleWOT.exe
Нет комментариев. Из участников сообщества VirusTotal ещё пока никто не оставил комментарий по поводу результатов анализа. Станьте первым!

Оставьте свой комментарий...

?
Отправить

Вы не выполнили вход. Только зарегистрированные пользователи могут оставлять комментарии. Выполните вход и получите право голоса!

Нет голосов. Ещё пока никто не проголосовал за результаты анализа. Станьте первым!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.