× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f3dffc94ecd03ba9ce1ad39b93bf9e7c0ac583b96e43fbc540e99ebdfd8ade2d
File name: Server.exe
Detection ratio: 41 / 57
Analysis date: 2016-08-26 23:05:58 UTC ( 1 year, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Zusy.197674 20160826
AegisLab Troj.W32.Gen.m8d5 20160826
AhnLab-V3 Trojan/Win32.Agent.C930575 20160826
ALYac Gen:Variant.Zusy.197674 20160826
Antiy-AVL Trojan[:HEUR]/Win32.AGeneric 20160826
Arcabit Trojan.Zusy.D3042A 20160826
Avast MSIL:Downloader-LX [Trj] 20160826
AVG ILCrypt 20160826
Avira (no cloud) TR/Dldr.Agent.aangvo 20160826
AVware Trojan.Win32.Generic!BT 20160826
Baidu MSIL.Backdoor.Bladabindi.a 20160826
BitDefender Gen:Variant.Zusy.197674 20160826
Bkav W32.DonserpaLTAC.Trojan 20160826
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160827
Cyren W32/MSIL_Troj.AP.gen!Eldorado 20160826
DrWeb BackDoor.Bladabindi.1702 20160826
Emsisoft Gen:Variant.Zusy.197674 (B) 20160826
ESET-NOD32 a variant of MSIL/Spy.Keylogger.LD 20160826
F-Prot W32/MSIL_Troj.AP.gen!Eldorado 20160826
F-Secure Gen:Variant.Zusy.197674 20160826
Fortinet MSIL/SpyLogger.LD!tr 20160826
GData Gen:Variant.Zusy.197674 20160826
Ikarus Trojan-Downloader.MSIL.Agent 20160826
Sophos ML backdoor.msil.bladabindi.al 20160826
Jiangmin Trojan.Generic.adldv 20160826
K7AntiVirus Trojan ( 700000121 ) 20160826
K7GW Trojan ( 700000121 ) 20160826
Kaspersky HEUR:Trojan.Win32.Generic 20160826
Malwarebytes Trojan.KeyLogger.MSIL 20160826
McAfee GenericRXAC-JD!5E933080FFD0 20160826
McAfee-GW-Edition BehavesLike.Win32.BackdoorNJRat.nm 20160826
Microsoft Backdoor:MSIL/Bladabindi.AL 20160826
eScan Gen:Variant.Zusy.197674 20160826
NANO-Antivirus Trojan.Win32.Keylogger.eecvuu 20160826
Panda Trj/GdSda.A 20160826
Qihoo-360 HEUR/QVM03.0.0000.Malware.Gen 20160827
Rising Backdoor.MSIL.Bladabindi!1.9E49 20160826
Symantec Heur.AdvML.B 20160826
VIPRE Trojan.Win32.Generic!BT 20160826
Yandex Trojan.Agent!DVPwHTatP7Y 20160826
Zillya Trojan.Keylogger.Win32.50141 20160826
Alibaba 20160826
CAT-QuickHeal 20160826
ClamAV 20160826
CMC 20160824
Comodo 20160826
Kingsoft 20160827
nProtect 20160826
Sophos AV 20160826
SUPERAntiSpyware 20160826
Tencent 20160827
TheHacker 20160826
TrendMicro 20160826
TrendMicro-HouseCall 20160826
VBA32 20160826
ViRobot 20160826
Zoner 20160826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-08-26 23:05:08
Entry Point 0x0000A2CE
Number of sections 3
.NET details
Module Version ID 27e55cf0-20dd-45e3-8491-0f2d2af2341f
TypeLib ID 8cf60069-5ea3-4eaa-93d1-85feaeb2ce88
PE sections
PE imports
_CorExeMain
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2016:08:27 00:05:08+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
33792

LinkerVersion
8.0

EntryPoint
0xa2ce

InitializedDataSize
1024

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 5e933080ffd074ea272aa11845d0c158
SHA1 110d24a52fbb02e70ca14ceaddc3304a040efabe
SHA256 f3dffc94ecd03ba9ce1ad39b93bf9e7c0ac583b96e43fbc540e99ebdfd8ade2d
ssdeep
768:pvHdE1QvfR/vkjzzq4XMfCdcOzb8krLtW+:pv4OJS6DfyYWLtW+

authentihash e4375a7ee52d585aa51b5949e0fbbc440b53d3e451ed3af3f2638a9bd6bf06c3
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 34.5 KB ( 35328 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (56.7%)
Win64 Executable (generic) (21.3%)
Windows screen saver (10.1%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags
peexe assembly via-tor

VirusTotal metadata
First submission 2016-08-26 23:05:58 UTC ( 1 year, 2 months ago )
Last submission 2016-08-26 23:05:58 UTC ( 1 year, 2 months ago )
File names Server.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!