× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1a3bdd69edf4dbc8c72478fa9b771a9a5cb7ead8faa6fc447e7381d9227ee8f0
File name: Net Ghost.exe
Detection ratio: 34 / 56
Analysis date: 2016-09-07 21:42:29 UTC ( 2 år, 8 månader ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.92434 20160907
AegisLab Gen.Variant!c 20160907
ALYac Gen:Variant.Razy.92434 20160907
Arcabit Trojan.Razy.D16912 20160907
Avast Win32:Malware-gen 20160907
AVG Packed3_c.ZGJ 20160907
Avira (no cloud) TR/Confuser.zesp 20160907
AVware Trojan.Win32.Generic!BT 20160907
BitDefender Gen:Variant.Razy.92434 20160907
Bkav W32.Clod3f9.Trojan.f7dc 20160907
CAT-QuickHeal Trojan.Skeeyah 20160907
Cyren W32/Trojan.PRKW-4714 20160907
Emsisoft Gen:Variant.Razy.92434 (B) 20160907
ESET-NOD32 a variant of MSIL/Packed.Confuser.J suspicious 20160907
F-Secure Gen:Variant.Razy.92434 20160907
GData Gen:Variant.Razy.92434 20160907
Ikarus PUA.MSIL.Confuser 20160907
Sophos ML trojan.win32.skeeyah.a!rfn 20160830
K7AntiVirus Trojan ( 004b4ab01 ) 20160907
K7GW Trojan ( 004b4ab01 ) 20160907
Kaspersky UDS:DangerousObject.Multi.Generic 20160907
Malwarebytes Backdoor.Agent.BDB 20160907
McAfee Generic.aiu 20160907
McAfee-GW-Edition RDN/Generic.grp 20160907
eScan Gen:Variant.Razy.92434 20160907
NANO-Antivirus Trojan.Win32.Confuser.eehljs 20160907
Panda Trj/GdSda.A 20160907
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20160907
Sophos AV Mal/Generic-S 20160907
Symantec Trojan.Gen.2 20160907
TrendMicro TROJ_GEN.R08NC0PGC16 20160907
TrendMicro-HouseCall TROJ_GEN.R08NC0PGC16 20160907
VIPRE Trojan.Win32.Generic!BT 20160907
ViRobot Trojan.Win32.Z.Confuser.110592.L[h] 20160907
AhnLab-V3 20160907
Alibaba 20160907
Antiy-AVL 20160907
Baidu 20160907
ClamAV 20160907
CMC 20160907
Comodo 20160907
DrWeb 20160907
F-Prot 20160907
Fortinet 20160907
Jiangmin 20160907
Kingsoft 20160907
Microsoft 20160907
nProtect 20160907
Rising 20160907
SUPERAntiSpyware 20160907
Tencent 20160907
TheHacker 20160905
VBA32 20160907
Yandex 20160907
Zillya 20160907
Zoner 20160907
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Arcanecfg 2016

Product Net Ghost
Original name Net Ghost.exe
Internal name Net Ghost.exe
File version 1.5.0.0
Description Net Ghost
Comments Free and extremely powerful proxy scraper & checker.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-05 14:31:17
Entry Point 0x0001445E
Number of sections 3
.NET details
Module Version ID 4368a1d2-314a-4b15-8aba-1bc2948e868a
TypeLib ID ac1205e6-4269-4a0d-a6a6-709447bc47f7
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 4
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
PE resources
ExifTool file metadata
LegalTrademarks
www.WastedWolf.com

SubsystemVersion
4.0

Comments
Free and extremely powerful proxy scraper & checker.

LinkerVersion
11.0

ImageVersion
0.0

ProductName
Net Ghost

FileVersionNumber
1.5.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
34816

FileTypeExtension
exe

OriginalFileName
Net Ghost.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.5.0.0

TimeStamp
2016:07:05 15:31:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Net Ghost.exe

ProductVersion
1.5.0.0

FileDescription
Net Ghost

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright Arcanecfg 2016

MachineType
Intel 386 or later, and compatibles

CompanyName
www.WastedWolf.com

CodeSize
75264

FileSubtype
0

ProductVersionNumber
1.5.0.0

EntryPoint
0x1445e

ObjectFileType
Executable application

AssemblyVersion
1.5.0.0

Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 2d2bb4565fbc9117beefdabc1c07169d
SHA1 c7136ef193eb4a181124963a5e53a48bdc9b38ab
SHA256 1a3bdd69edf4dbc8c72478fa9b771a9a5cb7ead8faa6fc447e7381d9227ee8f0
ssdeep
1536:x2cHklb3y7rqZXJHV2mY7zEGcqjXBSMhnAlzz3CSCF7sRLCqE3fW:xrE5x033EGFjXBJJAlEsS3fW

authentihash 631b7e4980a85bc393593dc7655d72f9d5758797f231861f01aff0d7631d8197
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 108.0 kB ( 110592 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (81.0%)
Win32 Dynamic Link Library (generic) (7.2%)
Win32 Executable (generic) (4.9%)
OS/2 Executable (generic) (2.2%)
Generic Win/DOS Executable (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-07-05 14:32:38 UTC ( 2 år, 10 månader ago )
Last submission 2019-01-01 06:06:39 UTC ( 4 månader, 2 veckor ago )
File names Net Ghost V1.5.exe
._cache_Net Ghost.exe
Net Ghost_latest.exe
203411267.exe
Proxys.exe
338042014.exe
Net Ghost.exe
2cD2X6ZL24
314891742.exe
Net Ghost.exe
2.exe
Net Ghost.exe
308170201.exe
Net Ghost.exe
95272833.exe
Net Ghost.exe
Net_Ghost.exe
sample (5).exe%vir
Net Ghost_latest.exe";filename*=UTF-8''Net%20Ghost_latest.exe
1a3bdd69edf4dbc8_net ghost.exe
Proxy Scraper and Checker.exe
139604726.exe
319078854.exe
Net Ghost.exe
98097025.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!