× Cookies被禁用! 本网站需要启用Cookie才能正常工作
SHA256: cd1127ef01e114ab7a88d64d13b0af0a8722ff3f8fc6f9acc043aa60c73567c5
文件名: 0a6f30091d5c49e07c48371ae6f6ea32
检出率: 23 / 64
分析日期: 2017-08-23 03:21:17 UTC ( 1 年, 9 月 前 ) 查看最新
反病毒软件 结果 病毒库日期
Ad-Aware Gen:Variant.Strictor.127514 20170823
ALYac Gen:Variant.Strictor.127514 20170823
Arcabit Trojan.Strictor.D1F21A 20170823
BitDefender Gen:Variant.Strictor.127514 20170822
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20170804
Cylance Unsafe 20170823
Emsisoft Trojan-MSIL.Crypted.CloudProtector.F (A) 20170822
Endgame malicious (high confidence) 20170821
ESET-NOD32 a variant of Win32/Injector.DQRO 20170823
F-Secure Gen:Variant.Strictor.127514 20170823
Fortinet MSIL/Generic.AP.12AD40!tr 20170823
GData Gen:Variant.Strictor.127514 20170823
Ikarus Trojan.VB.Crypt 20170822
Sophos ML heuristic 20170822
Kaspersky HEUR:Trojan.MSIL.Generic 20170823
MAX malware (ai score=88) 20170823
McAfee Trojan-FNUW!0A6F30091D5C 20170823
McAfee-GW-Edition Trojan-FNUW!0A6F30091D5C 20170823
eScan Gen:Variant.Strictor.127514 20170822
Qihoo-360 HEUR/QVM03.0.5904.Malware.Gen 20170823
SentinelOne (Static ML) static engine - malicious 20170806
Symantec ML.Attribute.HighConfidence 20170822
ZoneAlarm by Check Point HEUR:Trojan.MSIL.Generic 20170823
AegisLab 20170823
AhnLab-V3 20170823
Alibaba 20170823
Antiy-AVL 20170823
Avast 20170823
AVG 20170823
Avira (no cloud) 20170822
AVware 20170823
Baidu 20170822
Bkav 20170823
CAT-QuickHeal 20170822
ClamAV 20170822
CMC 20170822
Comodo 20170823
Cyren 20170823
DrWeb 20170823
F-Prot 20170823
Jiangmin 20170823
K7AntiVirus 20170822
K7GW 20170821
Kingsoft 20170823
Malwarebytes 20170823
Microsoft 20170822
NANO-Antivirus 20170823
nProtect 20170823
Palo Alto Networks (Known Signatures) 20170823
Panda 20170822
Rising 20170823
Sophos AV 20170823
SUPERAntiSpyware 20170823
Tencent 20170823
TheHacker 20170821
TotalDefense 20170822
TrendMicro-HouseCall 20170823
Trustlook 20170823
VBA32 20170822
VIPRE 20170823
ViRobot 20170822
Webroot 20170823
WhiteArmor 20170817
Yandex 20170821
Zillya 20170822
Zoner 20170823
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright @ 2017

Product CVfLJJ
Original name kIhMqnDe.exe
Internal name kIhMqnDe.exe
File version 1.1.2.2
Description CVfLJJ
Comments qwBtijqsrNTjNhfIrFeM
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-23 02:28:17
Entry Point 0x0003F6FE
Number of sections 3
.NET details
Module Version ID 730012f1-42f6-49db-9760-d08e666ba61a
TypeLib ID 92e49cb9-a8ba-4bfa-a7a8-81f85a4dd906
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 5
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
qwBtijqsrNTjNhfIrFeM

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.1.2.2

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
CVfLJJ

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
106496

EntryPoint
0x3f6fe

OriginalFileName
kIhMqnDe.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright @ 2017

FileVersion
1.1.2.2

TimeStamp
2017:08:23 03:28:17+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
kIhMqnDe.exe

ProductVersion
1.1.2.2

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
CVfLJJ Inc

CodeSize
253952

ProductName
CVfLJJ

ProductVersionNumber
1.1.2.2

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.1.2.2

File identification
MD5 0a6f30091d5c49e07c48371ae6f6ea32
SHA1 245e1ae7946ff8ab9afca5c133659a59c3e70f4d
SHA256 cd1127ef01e114ab7a88d64d13b0af0a8722ff3f8fc6f9acc043aa60c73567c5
ssdeep
6144:LNZKaNIlU+52eTA0obcc3edWeMcRgO0tWjOfUJiSnHTkLrk:/KaiSqtTA0yc+pwRdAWSfUUSzkL

authentihash e79d61a470aadad45be515a38d9b58f56f8848317deab65e4aa55e15ea859483
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 356.0 KB ( 364544 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Win32 Dynamic Link Library (generic) (7.1%)
Win32 Executable (generic) (4.8%)
Win16/32 Executable Delphi generic (2.2%)
OS/2 Executable (generic) (2.1%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-08-23 03:21:17 UTC ( 1 年, 9 月 前 )
Last submission 2017-12-07 14:38:20 UTC ( 1 年, 5 月 前 )
文件名 0a6f30091d5c49e07c48371ae6f6ea32
kIhMqnDe.exe
没有评论. 没有VirusTotal社区成员评论该项目,抢沙发!

发表评论

?
发表评论

您没有登录。只有注册用户可以发表评论,请登录后发表评论!

没有投票. 目前没有用户投票。