× Les cookies sont désactivés ! Ce site exige que les cookies soient activés pour fonctionner correctement
SHA256: cadaaba95b5d452d36b5a2ab561902302a34a7f39f06a67ef6ab252341555e49
Nom du fichier : HAMI0040_perfc.zip
Ratio de détection : 45 / 59
Date d'analyse : 2017-06-29 12:42:21 UTC (il y a 1 mois, 3 semaines)
Antivirus Résultat Mise à jour
AegisLab Troj.Ransom.W32!c 20170629
AhnLab-V3 Win-Trojan/Petya.Gen 20170629
ALYac Trojan.Ransom.Petya 20170629
Antiy-AVL Trojan/Win32.SGeneric 20170629
Arcabit Trojan.Ransom.GoldenEye.B 20170629
Avast Win64:Malware-gen 20170629
AVG Win64:Malware-gen 20170629
Avira (no cloud) TR/Ransom.ME.12 20170629
AVware Win32.Malware!Drop 20170629
Baidu Win32.Trojan.Ransom.a 20170629
BitDefender Trojan.Ransom.GoldenEye.B 20170629
Bkav W32.RsPetyaND.Worm 20170629
CAT-QuickHeal Ransom.Petya.A5 20170629
ClamAV Win.Exploit.CVE_2017_0147-6331310-0 20170629
CMC RansomWare.Win32.Petya!O 20170629
Comodo TrojWare.Win32.Ransom.Petya.BE 20170629
Cyren W32/Petya.VUNZ-1981 20170629
DrWeb Trojan.Encoder.12544 20170629
Emsisoft Trojan-Ransom.GoldenEye (A) 20170629
ESET-NOD32 Win32/Diskcoder.C 20170629
F-Prot W32/Petya.Ransom.J 20170629
F-Secure Trojan:W32/Petya.F 20170629
Fortinet W32/Petya.EOB!tr 20170629
GData Trojan.Ransom.GoldenEye.B 20170629
Ikarus Trojan-Ransom.Petrwrap 20170629
Jiangmin Trojan.RansomPetya.a 20170628
K7AntiVirus Trojan ( 0001140e1 ) 20170629
K7GW Trojan ( 0001140e1 ) 20170629
Kaspersky Trojan-Ransom.Win32.ExPetr.a 20170629
Malwarebytes Ransom.Petya.EB 20170629
McAfee RDN/Ransomware 20170629
McAfee-GW-Edition RDN/Ransomware 20170629
Microsoft Ransom:Win32/Petya 20170629
NANO-Antivirus Trojan.Win32.Petya.eqlcgp 20170629
Panda Trj/CryptoPetya.B 20170629
Rising Trojan.Diskcoder!8.4613 (cloud:PqDZSWeIPDU) 20170629
Sophos AV Troj/Ransom-EOB 20170629
TrendMicro Ransom_.EA1AD694 20170629
TrendMicro-HouseCall Ransom_.EA1AD694 20170629
VBA32 TrojanRansom.Filecoder 20170629
VIPRE Win32.Malware!Drop 20170629
ViRobot Trojan.Win32.S.Petya.362360 20170629
Webroot W32.Ransomware.Petrwrap 20170629
Yandex Trojan.Diskcoder! 20170628
ZoneAlarm by Check Point Trojan-Ransom.Win32.ExPetr.a 20170629
Ad-Aware 20170629
Alibaba 20170629
CrowdStrike Falcon (ML) 20170420
Endgame 20170629
Sophos ML 20170607
Kingsoft 20170629
eScan 20170629
nProtect 20170629
Palo Alto Networks (Known Signatures) 20170629
Qihoo-360 20170629
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170629
Symantec 20170629
Symantec Mobile Insight 20170629
Tencent 20170629
TheHacker 20170628
Trustlook 20170629
WhiteArmor 20170627
Zillya 20170628
Zoner 20170629
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files
1
Uncompressed size
362360
Highest datetime
2017-06-27 12:49:28
Lowest datetime
2017-06-27 12:49:28
Contained files by extension
dat
1
Contained files by type
Portable Executable
1
ExifTool file metadata
MIMEType
application/zip

ZipRequiredVersion
20

ZipCRC
0x673f086c

FileType
ZIP

ZipCompression
Deflated

ZipUncompressedSize
362360

ZipCompressedSize
314317

FileTypeExtension
zip

ZipFileName
perfc.dat

ZipBitFlag
0

ZipModifyDate
2017:06:27 12:49:14

File identification
MD5 d5ff38da7f8e16179f69a5576c55890d
SHA1 aa075078679fb1e31ed8cfb467d9b079d8ed25f3
SHA256 cadaaba95b5d452d36b5a2ab561902302a34a7f39f06a67ef6ab252341555e49
ssdeep
6144:ousvyshPafu+JRFN3TFNQ7PCWzOqfSK3ib3niptdQ4/Cd/S:or1afTz4GWzOqfSK343qdQ4Ka

File size 307.1 KB ( 314433 bytes )
File type ZIP
Magic literal
Zip archive data, at least v2.0 to extract

TrID ZIP compressed archive (100.0%)
Tags
exploit cve-2017-0147 contains-pe zip

VirusTotal metadata
First submission 2017-06-29 12:42:21 UTC (il y a 1 mois, 3 semaines)
Last submission 2017-06-29 12:42:21 UTC (il y a 1 mois, 3 semaines)
Noms du fichier HAMI0040_perfc.zip
Aucun commentaire. Aucun membre de la communauté VirusTotal n'a encore commenté cet élément, soyez le premier à le faire !

Laissez votre commentaire...

?
Poster un commentaire

Vous n'êtes pas connecté. Seuls les utilisateurs enregistrés peuvent laisser des commentaires, connectez-vous pour commenter !

Aucun vote. Personne n'a encore voté pour cet élément, soyez le premier à le faire !