× Çerezler devre dışı bırakılmış! Bu sitenin düzgün bir şekilde çalışabilmesi için çerezlerin açık olması gerekir.
SHA256: 8e273948a179077e2a8187be95bd2458fb3f2d71590686237887794272e1d32a
Dosya adı: cbust.exe
Tespit edilme orani 5 / 56
Analiz tarihi: 2015-10-14 02:05:04 UTC ( 3 yıl, 7 ay önce) En sonuncusunu görüntüle
Antivirus Sonuç Güncelle
Avast Win32:Malware-gen 20151014
ESET-NOD32 a variant of MSIL/Kryptik.DHC 20151014
Ikarus Trojan.MSIL.Crypt 20151014
Kaspersky Trojan.Win32.Inject.vjps 20151014
McAfee-GW-Edition BehavesLike.Win32.BackdoorNJRat.ch 20151014
Ad-Aware 20151014
AegisLab 20151013
Yandex 20151014
AhnLab-V3 20151013
Alibaba 20151013
ALYac 20151014
Antiy-AVL 20151014
Arcabit 20151014
AVG 20151013
Avira (no cloud) 20151014
AVware 20151013
Baidu-International 20151013
BitDefender 20151014
Bkav 20151013
ByteHero 20151014
CAT-QuickHeal 20151013
ClamAV 20151013
CMC 20151012
Comodo 20151014
Cyren 20151014
DrWeb 20151014
Emsisoft 20151014
F-Prot 20151014
F-Secure 20151014
Fortinet 20151013
GData 20151014
Jiangmin 20151013
K7AntiVirus 20151013
K7GW 20151013
Kingsoft 20151014
Malwarebytes 20151014
McAfee 20151014
Microsoft 20151014
eScan 20151014
NANO-Antivirus 20151014
nProtect 20151013
Panda 20151013
Qihoo-360 20151014
Rising 20151013
Sophos AV 20151014
SUPERAntiSpyware 20151014
Symantec 20151013
Tencent 20151014
TheHacker 20151012
TrendMicro 20151014
TrendMicro-HouseCall 20151014
VBA32 20151013
VIPRE 20151013
ViRobot 20151014
Zillya 20151013
Zoner 20151014
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-12 16:43:32
Entry Point 0x00020C8E
Number of sections 3
.NET details
Module Version ID fef73283-22eb-4e19-9bd7-606e33482a1b
TypeLib ID 562c9844-b13d-40f1-95e1-1be8db723e50
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2015:10:12 18:43:32+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
126976

LinkerVersion
8.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x20c8e

InitializedDataSize
8192

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 20d2152087c6aeb522bce6883794746e
SHA1 b4d4b7c7ed7bfd7ac253327246429498777cc57c
SHA256 8e273948a179077e2a8187be95bd2458fb3f2d71590686237887794272e1d32a
ssdeep
3072:rX+Ng8cJ4Dv3dX9u1QK2uF/Fk2Pi1pgY+TyMPbiF0xPt:7scJENKtLPq+Y+dk0B

authentihash 8ccaf5257c8b4b9aaf18c2600a096efa4c895b58a70695ad957c0c8ec9f2bd8f
imphash f34d5f2d4577ed6d9ceec516c1f5a744
Dosya boyutu 136.0 KB ( 139264 bytes )
Dosya türü Win32 EXE
Magic lafzı
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (61.0%)
Win64 Executable (generic) (22.9%)
Win32 Dynamic Link Library (generic) (5.4%)
Win32 Executable (generic) (3.7%)
Win16/32 Executable Delphi generic (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2015-10-14 02:05:04 UTC ( 3 yıl, 7 ay önce)
Last submission 2019-01-18 16:24:57 UTC ( 4 ay önce)
Dosya isimleri {B0CC5661-512C-435A-8755-12B6A9154A70}
RAT_247financedeal.com.exe
cbust.exe
Yorum yok.. Henüz hiçbir VirusTotal Topluluğu üyesi bu öğeye yorum yapmadı.Bunu yapan ilk sen ol!

Yorum ekleyin...

?
Yorumu gönder.

Üye girişi yapmadınız..Sadece kayıtlı kullanıcılar yorum yapabilir.Sesinizi duyurmak için giriş yapın.

Oy yok.. Bu öğeyi daha önce hiç kimse oylamadı.Bunu yapan ilk sen ol!