× Колачићи су онемогућени. Овај сајт захтева колачиће како би нормално функционисао
SHA256: 2728dd32364c8cd6a5293e819f58d11c62cc8e781fdffeb54d5961c741433e6b
Име датотеке: Quotation 05.exe
Однос откривања: 12 / 66
Датум анализе: 2017-11-09 05:26:56 UTC (пре 1 година, 6 месеци) Погледај последње
Антивирус Резултат Ажурирање
ClamAV Win.Packer.VbPack-0-6334882-0 20171109
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20171016
Cylance Unsafe 20171109
Endgame malicious (high confidence) 20171024
Fortinet W32/GenKryptik.BANO!tr 20171109
Ikarus Trojan.VB.Crypt 20171109
Sophos ML heuristic 20170914
Kaspersky UDS:DangerousObject.Multi.Generic 20171109
Qihoo-360 HEUR/QVM03.0.1075.Malware.Gen 20171109
SentinelOne (Static ML) static engine - malicious 20171019
Sophos AV Mal/FareitVB-M 20171109
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20171109
Ad-Aware 20171109
AegisLab 20171109
AhnLab-V3 20171109
Alibaba 20170911
ALYac 20171109
Antiy-AVL 20171103
Arcabit 20171109
Avast 20171109
Avast-Mobile 20171108
AVG 20171109
Avira (no cloud) 20171109
AVware 20171109
Baidu 20171109
BitDefender 20171109
Bkav 20171108
CAT-QuickHeal 20171108
CMC 20171104
Comodo 20171109
Cybereason 20171030
Cyren 20171109
DrWeb 20171109
eGambit 20171109
Emsisoft 20171109
ESET-NOD32 20171109
F-Prot 20171109
F-Secure 20171109
GData 20171109
Jiangmin 20171109
K7AntiVirus 20171109
K7GW 20171109
Kingsoft 20171109
Malwarebytes 20171109
MAX 20171109
McAfee 20171109
McAfee-GW-Edition 20171109
Microsoft 20171109
eScan 20171109
NANO-Antivirus 20171109
nProtect 20171109
Palo Alto Networks (Known Signatures) 20171109
Panda 20171108
SUPERAntiSpyware 20171109
Symantec 20171108
Symantec Mobile Insight 20171107
Tencent 20171109
TheHacker 20171102
TrendMicro 20171109
TrendMicro-HouseCall 20171109
Trustlook 20171109
VBA32 20171108
VIPRE 20171109
ViRobot 20171109
Webroot 20171109
WhiteArmor 20171104
Yandex 20171108
Zillya 20171108
Zoner 20171109
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Holo_11

Product Holo_11
Original name Tentacles2.exe
Internal name Tentacles2
File version 5.01.0009
Description Holo_11
Comments Holo_11
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-11-08 21:30:02
Entry Point 0x000011AC
Number of sections 3
PE sections
PE imports
_adj_fdiv_m32
__vbaChkstk
_CIcos
EVENT_SINK_QueryInterface
_allmul
_adj_fdivr_m64
_adj_fprem
_adj_fpatan
EVENT_SINK_AddRef
Ord(693)
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
__vbaFPException
_adj_fdivr_m16i
__vbaStrMove
_adj_fdiv_r
Ord(100)
_adj_fdiv_m64
__vbaStrCmp
__vbaHresultCheckObj
_CIsqrt
_CIsin
_CIlog
EVENT_SINK_Release
_adj_fptan
_CItan
__vbaErrorOverflow
_CIatan
__vbaFreeStr
_adj_fdivr_m32i
_CIexp
__vbaStrI2
_adj_fprem1
_adj_fdivr_m32
__vbaStrCat
__vbaFreeStrList
_adj_fdiv_m16i
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 3
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize
131072

SubsystemVersion
4.0

Comments
Holo_11

LinkerVersion
6.0

ImageVersion
5.1

FileSubtype
0

FileVersionNumber
5.1.0.9

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Holo_11

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
8192

EntryPoint
0x11ac

OriginalFileName
Tentacles2.exe

MIMEType
application/octet-stream

LegalCopyright
Holo_11

FileVersion
5.01.0009

TimeStamp
2017:11:08 22:30:02+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Tentacles2

ProductVersion
5.01.0009

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
HecKIN

LegalTrademarks
Holo_11

ProductName
Holo_11

ProductVersionNumber
5.1.0.9

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 69faf815935ccf0207101975707fd4fb
SHA1 427f46e7adf7ce379c7cc65ee277fe6aad50b389
SHA256 2728dd32364c8cd6a5293e819f58d11c62cc8e781fdffeb54d5961c741433e6b
ssdeep
3072:UHjvdw0POgcwmLKhUyPD6msF3T5M+BzqNM8:yvdPP9cDLKqyPemorBzqG

authentihash 9f244f8e90907421e1ba4cc50c1f5bd1c02fb8825edf5ff96b7dad525127b32f
imphash cb67bfbf5880a76f174a0aadc8468c0c
File size 140.0 KB ( 143360 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (88.6%)
Win32 Executable (generic) (4.8%)
OS/2 Executable (generic) (2.1%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
Tags
peexe

VirusTotal metadata
First submission 2017-11-09 05:13:38 UTC (пре 1 година, 6 месеци)
Last submission 2017-11-13 01:19:23 UTC (пре 1 година, 6 месеци)
Имена датотека Quotation 05.exe
Quotation 05.exe
Tentacles2.exe
Tentacles2
Нема коментара.. Ниједан члан заједнице Вајрустотала још није прокоментарисао ову ставку. Будите први који ће то урадити!

Оставите коментар…

?
Постави коментар

Нисте пријављени. Само регистровани корисници могу да остављају коментаре. Отворите налог и разгласите се!

Нема гласова.. Још нико није гласао за ову ставку. Будите први који ће то учинити!