SHA256: 70f9a9e8630541b8595c16205e1b83cd77309bb90c372e2c7096fab47a315275
File name: nvidiamath.exe
Detection ratio: 13 / 64
Analysis date: 2017-08-21 13:07:47 UTC (1 year, 9 months ago)
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20170821
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170817
Bkav HW32.Packed.8A99 20170821
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170804
Cylance Unsafe 20170821
Endgame malicious (moderate confidence) 20170721
Sophos ML heuristic 20170818
Palo Alto Networks (Known Signatures) generic.ml 20170821
Rising Spyware.Ursnif!8.1DEF (tfe:2:Ew2uNpEU8xP) 20170821
SentinelOne (Static ML) static engine - malicious 20170806
Symantec ML.Attribute.HighConfidence 20170821
Webroot W32.Trojan.Gen 20170821
WhiteArmor Malware.HighConfidence 20170817
Ad-Aware 20170821
AhnLab-V3 20170821
Alibaba 20170821
ALYac 20170821
Antiy-AVL 20170821
Arcabit 20170821
Avast 20170821
AVG 20170821
Avira (no cloud) 20170821
AVware 20170821
BitDefender 20170821
CAT-QuickHeal 20170821
ClamAV 20170821
CMC 20170821
Comodo 20170821
Cyren 20170821
DrWeb 20170821
Emsisoft 20170821
ESET-NOD32 20170821
F-Prot 20170821
F-Secure 20170821
Fortinet 20170821
GData 20170821
Ikarus 20170821
Jiangmin 20170821
K7AntiVirus 20170821
K7GW 20170821
Kaspersky 20170821
Kingsoft 20170821
Malwarebytes 20170821
MAX 20170821
McAfee 20170821
McAfee-GW-Edition 20170821
Microsoft 20170821
eScan 20170821
NANO-Antivirus 20170821
nProtect 20170821
Panda 20170821
Qihoo-360 20170821
Sophos AV 20170821
SUPERAntiSpyware 20170821
Symantec Mobile Insight 20170818
Tencent 20170821
TheHacker 20170821
TrendMicro 20170821
TrendMicro-HouseCall 20170821
Trustlook 20170821
VBA32 20170821
VIPRE 20170821
ViRobot 20170821
Yandex 20170818
Zillya 20170819
ZoneAlarm by Check Point 20170821
Zoner 20170821
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-21 02:11:59
Entry Point 0x00001390
Number of sections 5
PE sections
PE imports
CommDlgExtendedError
ImmGetImeMenuItemsW
ImmGetDefaultIMEWnd
OpenFile
GetWriteWatch
HeapFree
GetDriveTypeW
GlobalDeleteAtom
RemoveDirectoryW
GetLastError
GetCommandLineW
CallNamedPipeA
GetCommMask
IsDBCSLeadByte
MprAdminMIBEntrySet
SetupLogFileA
SetupSetFileQueueAlternatePlatformA
SHGetFileInfoA
SHQueryRecycleBinW
AnyPopup
GetDoubleClickTime
GetFileVersionInfoSizeW
memset
printf
CoInitializeEx
Number of PE resources by type
RT_BITMAP 5
RT_DIALOG 1
Number of PE resources by language
ENGLISH US 6
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:08:20 19:11:59-07:00
FileType Win32 EXE
PEType PE32
CodeSize 9216
LinkerVersion 8.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x1390
InitializedDataSize 83968
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

Compressed bundles
File identification
MD5 91ed2bd699d4744f6383723d9eec30bc
SHA1 9f35625b1909c73134136c2ab9b2d9cd9a61d11c
SHA256 70f9a9e8630541b8595c16205e1b83cd77309bb90c372e2c7096fab47a315275
ssdeep 1536:PzR3incS+Qx7oxcOVnIrChbOFFnwMlHDRT6EZO4aabf:PzdibF0znpOFJw89TZOUb
authentihash 4325bb3b17ec69fbad8e90b32cb05e845e66193196247a7cca216ed69a4c9936
imphash 614bd643efad39a052f0742a225df487
File size 88.5 KB (90624 bytes)
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2017-08-21 10:30:19 UTC (1 year, 9 months ago)
Last submission 2018-05-10 15:21:35 UTC (1 year ago)
File names