SHA256: 45dd2d1be8e6879b7b332627c387c9a36e38ce7f07ccd3919ea21ed2936889e2
File name: KeyGen.exe
Detection ratio: 7 / 67
Analysis date: 2018-09-26 03:02:51 UTC (7 months, 3 weeks ago)
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180723
Cylance Unsafe 20180926
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
Rising Malware.Heuristic!ET#89% (RDM+:cmRtazpN/JsDLc8WKHQ4SCedFrkr) 20180926
SentinelOne (Static ML) static engine - malicious 20180925
Symantec ML.Attribute.HighConfidence 20180925
Ad-Aware 20180926
AegisLab 20180926
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180926
Antiy-AVL 20180926
Arcabit 20180926
Avast 20180926
Avast-Mobile 20180925
AVG 20180926
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180926
Bkav 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180926
Cybereason 20180225
Cyren 20180926
DrWeb 20180926
eGambit 20180926
Emsisoft 20180925
ESET-NOD32 20180926
F-Prot 20180926
F-Secure 20180926
Fortinet 20180926
GData 20180926
Ikarus 20180925
Jiangmin 20180926
K7AntiVirus 20180925
K7GW 20180926
Kaspersky 20180926
Kingsoft 20180926
Malwarebytes 20180926
MAX 20180926
McAfee 20180926
McAfee-GW-Edition 20180926
eScan 20180926
NANO-Antivirus 20180926
Palo Alto Networks (Known Signatures) 20180926
Panda 20180925
Qihoo-360 20180926
Sophos AV 20180925
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180926
Tencent 20180926
TheHacker 20180924
TrendMicro 20180926
TrendMicro-HouseCall 20180926
Trustlook 20180926
VBA32 20180925
VIPRE 20180926
ViRobot 20180925
Webroot 20180926
Yandex 20180925
Zillya 20180925
ZoneAlarm by Check Point 20180925
Zoner 20180925
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Packers identified
F-PROT PECompact, PecBundle
PEiD PECompact 2.xx --> BitSum Technologies
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-25 14:29:17
Entry Point 0x000020E0
Number of sections 3
PE sections
PE imports
VirtualFree
LoadLibraryA
VirtualAlloc
GetProcAddress
Number of PE resources by type
RT_ICON 4
RT_BITMAP 1
RT_DIALOG 1
RT_MANIFEST 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 8
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:09:25 15:29:17+01:00
FileType Win32 EXE
PEType PE32
CodeSize 4608
LinkerVersion 12.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x20e0
InitializedDataSize 116224
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

Compressed bundles
File identification
MD5 c91532b873ab708c5ae4b13dc5fe69db
SHA1 4cef332f7eb2ba32fcd3466da4ec340214e460c0
SHA256 45dd2d1be8e6879b7b332627c387c9a36e38ce7f07ccd3919ea21ed2936889e2
ssdeep 768:1irNu7fRUgrrHBe5wXyeIgqIzrZi/cikPwODSA7t:1irKrrhXxdfti/c7Dvt

authentihash 6501144e6cfd9a96d65bc27104748f3a5037f0ac2e0fe85958d1b455d0453e42
imphash 09d0478591d4f788cb3e5ea416c25237
File size 26.5 KB ( 27136 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 EXE PECompact compressed (v2.x) (53.1%)
Win32 EXE PECompact compressed (generic) (37.3%)
Win32 Executable (generic) (4.0%)
OS/2 Executable (generic) (1.8%)
Generic Win/DOS Executable (1.8%)
Tags pecompact peexe

VirusTotal metadata
First submission 2018-09-25 14:56:55 UTC (7 months, 4 weeks ago)
Last submission 2019-05-16 21:05:26 UTC (4 days, 22 hours ago)
File names VMware Workstation Pro v15.x KeyGen.exe
KeyGen.exe
1111.exe
KeyGen.exe
VMware-workstation-full-15.0.2-10952284 KeyGen.exe
KeyGen.exe
KeyGen-OnLyOnE_VMW.Pro_15.x.exe
KeyGen.exe
VMware-workstation-v15.0.0.10134415_keygen(OnLyOnE).exe
a.exe
KeyGen.exe
KeyGen.ex
KeyGen-OnLyOnE.exe
_.exe
KeyGen-OnLyOnE.exe
KeyGen (2).exe
VMware Workstation 15 KeyGen.exe
KeyGen.exe
KeyGen.exe
Keygen.exe
bb.exe
pipo.exe
KeyGen-OnLyOnE.exe
KeyGen-OnLyOnE.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.