× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 229d8579a87738d3517ab62a035b967f7f256a2026f565481a174f6a2f837a85
File name: trick_payload.exe
Detection ratio: 1 / 56
Analysis date: 2016-10-18 18:59:24 UTC ( 11 months ago ) View latest
Antivirus Result Update
ESET-NOD32 Win64/Agent.BQ 20161018
Ad-Aware 20161018
AegisLab 20161018
AhnLab-V3 20161018
Alibaba 20161018
ALYac 20161018
Antiy-AVL 20161018
Arcabit 20161018
Avast 20161018
AVG 20161018
Avira (no cloud) 20161018
AVware 20161018
Baidu 20161018
BitDefender 20161018
Bkav 20161018
CAT-QuickHeal 20161018
ClamAV 20161018
CMC 20161018
Comodo 20161018
CrowdStrike Falcon (ML) 20160725
Cyren 20161018
DrWeb 20161018
Emsisoft 20161018
F-Prot 20161018
F-Secure 20161018
Fortinet 20161018
GData 20161018
Ikarus 20161018
Sophos ML 20161018
Jiangmin 20161018
K7AntiVirus 20161018
K7GW 20161018
Kaspersky 20161018
Kingsoft 20161018
Malwarebytes 20161018
McAfee 20161018
McAfee-GW-Edition 20161018
Microsoft 20161018
eScan 20161018
NANO-Antivirus 20161018
nProtect 20161018
Panda 20161018
Qihoo-360 20161018
Rising 20161018
Sophos AV 20161018
SUPERAntiSpyware 20161018
Symantec 20161018
Tencent 20161018
TheHacker 20161018
TrendMicro 20161018
TrendMicro-HouseCall 20161018
VBA32 20161018
VIPRE 20161018
ViRobot 20161018
Yandex 20161018
Zillya 20161018
Zoner 20161018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem that targets 64bit architectures.
PE header basic information
Target machine x64
Compilation timestamp 2016-08-16 10:54:18
Entry Point 0x000019D0
Number of sections 4
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
AMD AMD64

FileTypeExtension
exe

TimeStamp
2016:08:16 11:54:18+01:00

FileType
Win64 EXE

PEType
PE32+

CodeSize
10442

LinkerVersion
10.0

EntryPoint
0x19d0

InitializedDataSize
1660

SubsystemVersion
5.2

ImageVersion
0.0

OSVersion
5.2

UninitializedDataSize
0

File identification
MD5 10d72baf2c79b29bad1038e09c6ed107
SHA1 236420ddf1a80fdfa220133bd4bb14f814358a10
SHA256 229d8579a87738d3517ab62a035b967f7f256a2026f565481a174f6a2f837a85
ssdeep
192:VD4VM+1GX0Qg2PWDPFIdN6sZRXTYUkWuUHTrtVYoK:VDpxX0ePx36sH8UkzUXtVYoK

authentihash 00d2a6e9648442fc5a33e5d13846cfb836622a2b53f1b4095ff8e51a1881cf37
File size 12.3 KB ( 12598 bytes )
File type Win32 EXE
Magic literal
PE32+ executable for MS Windows (GUI)

TrID Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
Tags
64bits peexe

VirusTotal metadata
First submission 2016-10-18 18:59:24 UTC ( 11 months ago )
Last submission 2016-10-18 18:59:24 UTC ( 11 months ago )
File names trick_payload.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!