× Cookies đã bị vô hiệu! Trang này yêu cầu kích hoạt cookies để có thể làm việc bình thường
SHA256: 9e77321b75d0397b8325c9c385f4873cb78eadf084a0105b0fa2b9f9e9971910
Tên tập tin: .
Tỷ lệ phát hiện: 56 / 71
Ngày phân tích: 2019-02-08 17:59:41 UTC ( 3 tháng, 2 tuần trước )
Chương trình Kết quả Cập nhật
Acronis suspicious 20190207
Ad-Aware GenPack:Generic.Malware.P!.36882EE3 20190208
AhnLab-V3 Spyware/RL.Zbot.R250830 20190208
ALYac GenPack:Generic.Malware.P!.36882EE3 20190208
Antiy-AVL Trojan[Spy]/Win32.Zbot 20190208
Arcabit GenPack:Generic.Malware.P!.36882EE3 20190208
Avast Win32:VB-FBX 20190208
AVG Win32:VB-FBX 20190208
Avira (no cloud) TR/Dropper.Gen 20190208
Baidu Win32.Trojan.VB.t 20190201
BitDefender GenPack:Generic.Malware.P!.36882EE3 20190208
CAT-QuickHeal TrojanSpy.Zbot 20190208
ClamAV Win.Packer.VbPack-0-6334882-0 20190208
CMC Trojan.Win32.VBKrypt!O 20190208
Comodo Virus.Win32.VB.ei@3l1r83 20190208
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cybereason malicious.607ca4 20190109
Cylance Unsafe 20190208
Cyren W32/Zbot.ZP.gen!Eldorado 20190208
DrWeb Win32.HLLP.Woner 20190208
eGambit Unsafe.AI_Score_78% 20190208
Emsisoft GenPack:Generic.Malware.P!.36882EE3 (B) 20190208
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/VB.QZU 20190208
F-Prot W32/Zbot.ZP.gen!Eldorado 20190208
F-Secure Trojan.TR/Dropper.Gen 20190208
Fortinet W32/Generic.AC.1BA837!tr 20190208
GData GenPack:Generic.Malware.P!.36882EE3 20190208
Ikarus Exploit.Win32.RpcDcom 20190208
Sophos ML heuristic 20181128
Jiangmin Trojan/Banker.Banbra.jkd 20190208
K7AntiVirus Trojan ( 0052964f1 ) 20190208
K7GW Trojan ( 0052964f1 ) 20190208
Kaspersky Trojan-Spy.Win32.Zbot.wten 20190208
Malwarebytes Spyware.PasswordStealer 20190208
MAX malware (ai score=82) 20190208
McAfee GenericRXAB-MY!BE244F44210B 20190208
McAfee-GW-Edition BehavesLike.Win32.Generic.fh 20190208
Microsoft Trojan:Win32/Vindor.B 20190208
eScan GenPack:Generic.Malware.P!.36882EE3 20190208
NANO-Antivirus Trojan.Win32.Zbot.flxpki 20190208
Panda Trj/Genetic.gen 20190208
Qihoo-360 HEUR/QVM18.1.186D.Malware.Gen 20190208
Rising Trojan.Killav!1.66BF (RDM+:cmRtazr/1jGkLJwl2mg5y37Chmfi) 20190208
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Troj/VB-DYS 20190208
Symantec ML.Attribute.HighConfidence 20190208
Trapmine malicious.high.ml.score 20190123
TrendMicro TROJ_VB.BJR 20190208
TrendMicro-HouseCall TROJ_VB.BJR 20190208
VBA32 TrojanSpy.Zbot 20190208
VIPRE Trojan.Win32.VB.chg (v) 20190208
Webroot W32.Malware.Gen 20190208
Yandex Packed/MPress 20190207
Zillya Trojan.VB.Win32.363220 20190208
ZoneAlarm by Check Point Trojan-Spy.Win32.Zbot.wten 20190208
AegisLab 20190208
Alibaba 20180921
Avast-Mobile 20190208
Babable 20180917
Bkav 20190201
Kingsoft 20190208
Palo Alto Networks (Known Signatures) 20190208
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190206
TACHYON 20190207
Tencent 20190208
TheHacker 20190203
TotalDefense 20190206
Trustlook 20190208
ViRobot 20190208
Zoner 20190208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Microsoft (C) 2007 , All rights reserved.

Product Microsoft Firewall Installer
Original name Firewall.exe
Internal name Firewall
File version 1.01.0013
Description Microsoft Firewall Installer - Protect all of your files
Comments Microsoft Firewall Installer 12th Edition
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-09-07 11:28:55
Entry Point 0x0001309A
Number of sections 3
PE sections
Overlays
MD5 c725948a0bff69ef893745d619ba5733
File type data
Offset 26624
Size 1018562
Entropy 6.54
PE imports
GetProcAddress
GetModuleHandleA
Ord(518)
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
CHINESE SIMPLIFIED 1
PE resources
ExifTool file metadata
CodeSize
16384

SubsystemVersion
4.0

Comments
Microsoft Firewall Installer 12th Edition

LinkerVersion
6.0

ImageVersion
1.1

FileSubtype
0

FileVersionNumber
1.1.0.13

LanguageCode
Chinese (Simplified)

FileFlagsMask
0x0000

FileDescription
Microsoft Firewall Installer - Protect all of your files

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit, No debug

CharacterSet
Unicode

InitializedDataSize
8192

EntryPoint
0x1309a

OriginalFileName
Firewall.exe

MIMEType
application/octet-stream

LegalCopyright
Microsoft (C) 2007 , All rights reserved.

FileVersion
1.01.0013

TimeStamp
2007:09:07 04:28:55-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
Firewall

ProductVersion
1.01.0013

UninitializedDataSize
45056

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
XC Microsoft

LegalTrademarks
Microsoft Firewall Installer

ProductName
Microsoft Firewall Installer

ProductVersionNumber
1.1.0.13

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 85d3f21607ca4f4c180185c892cd7c93
SHA1 030dd86617c5d35aa3bfaf409547525a25722012
SHA256 9e77321b75d0397b8325c9c385f4873cb78eadf084a0105b0fa2b9f9e9971910
ssdeep
24576:f0ERTcZ3X7elzlrqCd1fnRTcZ3X7elzlrqCd1frW:fBiZ6lpr1FniZ6lpr1FrW

authentihash 41e73e9ee867b13e0583e809b06a693448111428faedf006ad536782d49d4abd
imphash 69b0c44eb958846f4686302c021a7ed5
File size 1020.7 KB ( 1045186 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe overlay

VirusTotal metadata
First submission 2019-02-08 17:59:41 UTC ( 3 tháng, 2 tuần trước )
Last submission 2019-02-08 17:59:41 UTC ( 3 tháng, 2 tuần trước )
Tên tập tin Firewall
Firewall.exe
.
Chưa có ý kiến nào. Chưa có thành viên nào trong Cộng đồng VirusTotal bình luận về đối tượng này, hãy trở thành người đầu tiên đưa ra ý kiến!

Đưa ra ý kiến của bạn...

?
Gửi ý kiến

Bạn chưa đăng nhập.Chỉ có người dùng đã đăng ký mới có thể viết ý kiến, hãy đăng nhập và bắt đầu!

Chưa có đánh giá. Chưa có thành viên nào đánh giá về đối tượng này, hãy trở thành người đầu tiên đánh giá nó!