× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ccfbf6cf9477cb31a2d86ee0dc966390dcd308d3afbe927b03044bd845fee70c
File name: Skill Sender.exe
Detection ratio: 3 / 61
Analysis date: 2017-03-17 20:54:35 UTC ( 8 months, 1 week ago ) View latest
Antivirus Result Update
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170130
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20170317
SentinelOne (Static ML) static engine - malicious 20170315
Ad-Aware 20170317
AegisLab 20170317
AhnLab-V3 20170317
Alibaba 20170228
ALYac 20170317
Antiy-AVL 20170317
Arcabit 20170317
Avast 20170317
AVG 20170317
Avira (no cloud) 20170317
AVware 20170317
Baidu 20170317
BitDefender 20170317
Bkav 20170317
CAT-QuickHeal 20170317
ClamAV 20170317
CMC 20170317
Comodo 20170317
Cyren 20170317
DrWeb 20170317
Emsisoft 20170317
Endgame 20170222
ESET-NOD32 20170317
F-Prot 20170317
F-Secure 20170317
Fortinet 20170317
GData 20170317
Ikarus 20170317
Sophos ML 20170203
Jiangmin 20170317
K7AntiVirus 20170317
K7GW 20170317
Kaspersky 20170317
Kingsoft 20170317
Malwarebytes 20170317
McAfee 20170317
McAfee-GW-Edition 20170317
Microsoft 20170317
eScan 20170317
NANO-Antivirus 20170317
nProtect 20170317
Palo Alto Networks (Known Signatures) 20170317
Panda 20170317
Rising 20170317
Sophos AV 20170317
SUPERAntiSpyware 20170317
Symantec 20170317
Tencent 20170317
TheHacker 20170315
TrendMicro 20170317
TrendMicro-HouseCall 20170317
Trustlook 20170317
VBA32 20170317
VIPRE 20170317
ViRobot 20170317
Webroot 20170317
WhiteArmor 20170315
Yandex 20170317
Zillya 20170317
ZoneAlarm by Check Point 20170317
Zoner 20170317
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2017

Product Skill Sender
Original name Enhance.exe
Internal name Enhance.exe
File version 1.0.0.0
Description Skill Sender
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-17 20:52:47
Entry Point 0x0001897A
Number of sections 3
.NET details
Module Version ID 66003ac3-0fc0-4b7f-bf7e-fe91a9b9228a
TypeLib ID 207ec937-6f11-42f8-b9a4-eca1616e32b8
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

InitializedDataSize
70144

ImageVersion
0.0

ProductName
Skill Sender

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
48.0

FileTypeExtension
exe

OriginalFileName
Enhance.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.0.0

TimeStamp
2017:03:17 21:52:47+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Enhance.exe

ProductVersion
1.0.0.0

FileDescription
Skill Sender

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright 2017

MachineType
Intel 386 or later, and compatibles

CodeSize
92672

FileSubtype
0

ProductVersionNumber
1.0.0.0

EntryPoint
0x1897a

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

File identification
MD5 a8fa581fe00f3d8f5a43091e50591541
SHA1 b303345e11a5836029e1c0107c4a604dff4fd6d4
SHA256 ccfbf6cf9477cb31a2d86ee0dc966390dcd308d3afbe927b03044bd845fee70c
ssdeep
1536:IzZFCo2MvPgt3G4ONUHaHi6c+5vPgt3G4ONUHaHi6c+xiZ:IzjCoRGTdHaCzkGTdHaCzqiZ

authentihash f5716fbce6b0b5fe9d827cad77a341ad2e1e0cb399d69a66868f210683652d3a
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 159.5 KB ( 163328 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (82.9%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Tags
peexe assembly

VirusTotal metadata
First submission 2017-03-17 20:53:31 UTC ( 8 months, 1 week ago )
Last submission 2017-07-20 03:36:42 UTC ( 4 months ago )
File names skill sender.exe
Skill_Sender.exe
Skill Sender.exe
skill sender.exe
Enhance.exe
Behaviour characterization
Zemana
dll-injection

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!