SHA256: a6e586619a877ed220592eed245a3c6229a8a13b71b843249805e25823d95074
File name: cmdow-1.4.8.zip
Detection ratio: 21 / 56
Analysis date: 2016-06-10 01:24:51 UTC ( 1 year, 8 months ago )
Antivirus Result Update
AegisLab Troj.Ge.D6Bd9A82!c 20160609
Antiy-AVL Trojan/Win32.BTSGeneric 20160610
AVware Trojan.Win32.Generic!BT 20160609
Baidu-International Hacktool.Win32.CMDOW.A 20160606
Comodo UnclassifiedMalware 20160609
Cyren W32/Trojan.SYGE-6877 20160610
ESET-NOD32 a variant of Win32/CMDOW.A potentially unsafe 20160609
Fortinet Riskware/CMDOW 20160610
GData Archive.Trojan.Agent.DVSIMQ 20160610
Ikarus Trojan.Cmdow 20160609
K7AntiVirus Trojan ( 00470eed1 ) 20160609
K7GW Trojan ( 00470eed1 ) 20160610
McAfee RDN/Generic PUP.x!ctj 20160610
McAfee-GW-Edition BehavesLike.PUP.qc 20160610
NANO-Antivirus Trojan.Win32.Cmdow.dmjuol 20160609
Rising Trojan.Generic-TCXeEJEoWWG (Cloud) 20160610
Sophos AV Generic PUA IP (PUA) 20160609
TrendMicro HKTL_HIDEWIN 20160610
VIPRE Trojan.Win32.Generic!BT 20160610
ViRobot Trojan.Win32.Z.Cmdow.88576[h] 20160609
Yandex Riskware.Agent! 20160609
Ad-Aware 20160610
AhnLab-V3 20160609
Alibaba 20160608
ALYac 20160610
Arcabit 20160610
Avast 20160610
AVG 20160609
Baidu 20160608
BitDefender 20160610
Bkav 20160609
CAT-QuickHeal 20160609
ClamAV 20160609
CMC 20160607
DrWeb 20160610
Emsisoft 20160610
F-Prot 20160610
F-Secure 20160610
Jiangmin 20160610
Kaspersky 20160610
Kingsoft 20160610
Malwarebytes 20160609
Microsoft 20160609
eScan 20160610
nProtect 20160609
Panda 20160609
Qihoo-360 20160610
SUPERAntiSpyware 20160610
Symantec 20160610
Tencent 20160610
TheHacker 20160607
TotalDefense 20160610
TrendMicro-HouseCall 20160610
VBA32 20160609
Zillya 20160609
Zoner 20160610
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files 18
Uncompressed size 158710
Highest datetime 2014-12-30 11:15:18
Lowest datetime 2014-11-09 19:44:26
Contained files by extension
cpp 5
txt 4
exe 1
ico 1
8/ 1
h 1
cbp 1
png 1
Contained files by type
unknown 11
directory 3
XML 2
Portable Executable 1
PNG 1
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x00000000
FileType ZIP
ZipCompression None
ZipUncompressedSize 0
ZipCompressedSize 0
FileTypeExtension zip
ZipFileName cmdow-1.4.8/
ZipBitFlag 0
ZipModifyDate 2014:12:30 11:13:04

File identification
MD5 1cf830e8b0575b1e7c2c7ce1cf20f6dc
SHA1 52f2a51a0b2089c71d8ef9bb616e687976bc29d8
SHA256 a6e586619a877ed220592eed245a3c6229a8a13b71b843249805e25823d95074
ssdeep 1536:czKclQx5bEXg+gASeNBq1SIbf8/MAfuTxcY/gtZfGkaj:czKKSmdjMo/MysxcCgtZe

File size 58.9 KB ( 60299 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags contains-pe zip

VirusTotal metadata
First submission 2015-01-12 22:53:21 UTC ( 3 years, 1 month ago )
Last submission 2016-06-08 10:32:31 UTC ( 1 year, 8 months ago )
File names cmdow-1.4.8.zip
Kopie von cmdow-1.4.8
SCu1hM6.bz2
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

TrendMicro-HouseCall
TrendMicro's heuristic engine has flagged this file as: Suspicious_GEN.F47V0308.

Symantec reputation Suspicious.Insight