| SHA256: | f3e6cacf2a4fa6fa15596416263a0087ec0194db746081a08360cc69beec2f31 |
| File name: | 909489321-875904921.pdf.exe |
| Detection ratio: | 6 / 51 |
| Analysis date: | 2016-06-30 09:13:35 UTC ( 4 hours, 30 minutes ago ) |
| Antivirus | Result | Update |
|---|---|---|
| AegisLab | Troj.W32.Gen.kYLC | 20160630 |
| Baidu | Win32.Trojan.WisdomEyes.151026.9950.9999 | 20160630 |
| Qihoo-360 | QVM20.1.Malware.Gen | 20160630 |
| Tencent | Win32.Trojan.Inject.Auto | 20160630 |
| TrendMicro | Possible_Virus | 20160630 |
| TrendMicro-HouseCall | Possible_Virus | 20160630 |
| AVG | 20160630 | |
| AVware | 20160630 | |
| Ad-Aware | 20160630 | |
| AhnLab-V3 | 20160630 | |
| Alibaba | 20160630 | |
| Antiy-AVL | 20160630 | |
| Arcabit | 20160630 | |
| Avast | 20160630 | |
| Avira (no cloud) | 20160630 | |
| BitDefender | 20160630 | |
| Bkav | 20160629 | |
| CAT-QuickHeal | 20160630 | |
| CMC | 20160630 | |
| ClamAV | 20160630 | |
| Comodo | 20160630 | |
| Cyren | 20160630 | |
| DrWeb | 20160630 | |
| ESET-NOD32 | 20160630 | |
| Emsisoft | 20160630 | |
| F-Prot | 20160630 | |
| F-Secure | 20160630 | |
| Fortinet | 20160630 | |
| GData | 20160630 | |
| Ikarus | 20160630 | |
| Jiangmin | 20160630 | |
| K7AntiVirus | 20160630 | |
| K7GW | 20160630 | |
| Kaspersky | 20160630 | |
| Kingsoft | 20160630 | |
| Malwarebytes | 20160630 | |
| McAfee | 20160630 | |
| McAfee-GW-Edition | 20160630 | |
| eScan | 20160630 | |
| Microsoft | 20160630 | |
| NANO-Antivirus | 20160630 | |
| Panda | 20160629 | |
| SUPERAntiSpyware | 20160630 | |
| Sophos | 20160630 | |
| Symantec | 20160630 | |
| TheHacker | 20160630 | |
| VBA32 | 20160629 | |
| VIPRE | 20160630 | |
| ViRobot | 20160630 | |
| Zoner | 20160629 | |
| nProtect | 20160630 |
The file being studied is a Portable Executable file!
More specifically, it is a Win32 EXE
file
for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-06-30 08:49:16
Entry Point 0x00001050
Number of sections 6
PE sections
Overlays
MD5 ca2d31a21aa26a7fff33de4344f3f090
File type data
Offset 22528
Size 130353
Entropy 8.00
PE imports
Number of PE resources by type
RT_GROUP_CURSOR 1
RT_ICON 1
RT_CURSOR 1
RT_GROUP_ICON 1
Number of PE resources by language
FRENCH 2
ENGLISH US 2
ExifTool file metadata
MIMEType
application/octet-stream
Subsystem
Windows GUI
MachineType
Intel 386 or later, and compatibles
FileTypeExtension
exe
TimeStamp
2016:06:30 09:49:16+01:00
FileType
Win32 EXE
PEType
PE32
CodeSize
12288
LinkerVersion
10.0
EntryPoint
0x1050
InitializedDataSize
9216
SubsystemVersion
5.1
ImageVersion
0.0
OSVersion
5.1
UninitializedDataSize
0
File identification
MD5 561ea47dbb2f6c24a603f779c9ae41f8
SHA1 7e54d60e095c9e2ea47669d050ade417f790aed4
SHA256 f3e6cacf2a4fa6fa15596416263a0087ec0194db746081a08360cc69beec2f31
ssdeep
3072:uRtzIC1xBLPq58cE/qWgOVyzLMJmDMlOwY317ijHV:uRts0BLC79UJm2OwY1ij1
File size
149.3 KB ( 152881 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit
| TrID |
Win32 Executable (generic) (52.9%) Generic Win/DOS Executable (23.5%) DOS Executable Generic (23.5%) |
Tags
peexe
overlay
VirusTotal metadata
First submission
2016-06-30 09:13:35 UTC ( 4 hours, 30 minutes ago )
Last submission
2016-06-30 09:13:35 UTC ( 4 hours, 30 minutes ago )
| File names |
909489321-875904921.pdf.exe |
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the
behaviour of the file when executed in a controlled environment. The actions
and events described were either performed by the file itself or by any other
process launched by the executed file or subjected to code injection by the
executed file.