Report #11124

  • Creation Date: Sept. 8, 2020, 12:46 a.m.
  • Last Update: Sept. 8, 2020, 12:48 a.m.
  • File: 045
  • Results:
Binary
DLL
False
Size
840.00KB
trid
61.7% Win64 Executable
14.7% Win32 Dynamic Link Library
10.0% Win32 Executable
4.5% OS/2 Executable
4.4% Generic Win/DOS Executable
type
PE
wordsize
32
Subsystem
Windows GUI
Hashes
md5
89c133d4a01d73783b7dd91c50dc7650
sha1
520ced7d35ab4c37493e728cfa62fa75baa63db0
crc32
0xbb93f7ca
sha224
1088c9c1576eb0ecbc5bea758161f5f5854d7c3ed3698832f96e4025
sha256
71ef2fa09dcdf76fddedf5850962b6ab048d98b80913ee0cdebe0830c1a611cc
sha384
64796bfbb7ccc800a507979fa1cbe60e854ca730065abf9cc34c9346a30c52575d61ecb8bdc87730c27ca1fba59af7f3
sha512
54a4dac3795829668f65ebb8957a97b1e011e886badda737a69181c2bc1388c7062b226b3b40420d7b5a1baa58f78385996a6849c73eb1b80760025899632d58
ssdeep
12288:ixFhwUgzTuoYdnrXeQLzDYD37affGLQuT3bhUha3KBlHjOBCNyAEb3JDdrqN:ojw9yv7tvDULam0uTryU3WlHzkrqN
Community
Google
False
HashLib
False
YARA
Matches
NET_executable, contentis_base64, Microsoft_Visual_C_v70_Basic_NET, Microsoft_Visual_Studio_NET_additional, IP, IsNET_EXE, NETexecutableMicrosoft, Microsoft_Visual_C_Basic_NET, Microsoft_Visual_Studio_NET, IsPacked, NET_executable_, domain, IsPE32, Microsoft_Visual_C_v70_Basic_NET_additional, IsWindowsGUI

Suspicious
True

Strings
List

Foremost
Matches
Suspicious
True
Heuristics
IPs
hasIPs: False
Allowed
Suspicious
hasAllowed: False
hasSuspicious: False

URLs
Allowed
hasURLs: False
Suspicious
hasAllowed: False
hasSuspicious: False

Files
Allowed: user32.dll, mscoree.dll, webengine4.dll, winmm.dll
hasFiles: True
Suspicious
hasAllowed: True
hasSuspicious: False

Binary
Sizes
RVA
RVA: 16
Suspicious: False
Code
Size: 4096
Suspicious: False
Image
Address: 4194304
Suspicious: False
Stack
Stack: 4096
Suspicious: False
Headers
Headers: 512
Suspicious: False
Suspicious: False

Symbols
Number
Number: 0
Suspicious: True
Pointer
Pointer: 0
Suspicious: True
Directories
Number: 16
Suspicious: False

Checksum
Value: 0
Suspicious: True

Sections
Allowed: .text, .rsrc, .reloc
Suspicious
hasAllowed: True
hasSections: True
hasSuspicious: False

Versions
OS
Version: 4
Suspicious: False
Image
Version: True
Suspicious: 4
Linker
Version: 8.0
Suspicious: False
Subsystem
Version: 4.0
Suspicious: False
Suspicious: False

EntryPoint
Address: 863438
Suspicious: False

Anomalies
Anomalies: The header checksum and the calculated checksum do not match.
hasAnomalies: True

Libraries
Allowed: user32.dll, mscoree.dll, webengine4.dll, winmm.dll
hasLibs: True
Suspicious
hasAllowed: True
hasSuspicious: False

Timestamp
Past: True
Valid: True
Value: 1973-03-20 10:13:46
Future: False

Compilation
Packed: False
Missing: False
Packers
Compiled: True
Compilers: Microsoft Visual C# / Basic .NET, Microsoft Visual Studio .NET, .NET executable, Microsoft Visual C# v7.0 / Basic .NET

Obfuscation
XOR: False
Fuzzing: True

PEDetector
Matches
None
Suspicious
False
Disassembly
hasTricks
True
Tricks
pushret
.text: 581

pushpopmath
.rsrc: 2
.text: 531

ss register
.text: 6

garbagebytes
.text: 395

hookdetection
.text: 9

software breakpoint
.text: 10

fakeconditionaljumps
.text: 10

programcontrolflowchange
.text: 385

cpuinstructionsresultscomparison
.text: 12

AVclass
nettool
1
VirusTotal
md5
89c133d4a01d73783b7dd91c50dc7650
sha1
520ced7d35ab4c37493e728cfa62fa75baa63db0
SCANS (DETECTION RATE = 80.00%)
AVG
result: Win32:Trojan-gen
update: 20200805
version: 18.4.3895.0
detected: True

CMC
update: 20200805
version: 2.7.2019.1
detected: False

MAX
result: malware (ai score=100)
update: 20200805
version: 2019.9.16.1
detected: True

APEX
result: Malicious
update: 20200804
version: 6.56
detected: True

Bkav
update: 20200805
version: 1.3.0.9899
detected: False

K7GW
update: 20200805
version: 11.127.34901
detected: False

ALYac
result: Trojan.Agent.HawkEye
update: 20200805
version: 1.1.1.5
detected: True

Avast
result: Win32:Trojan-gen
update: 20200805
version: 18.4.3895.0
detected: True

Avira
result: HEUR/AGEN.1101621
update: 20200805
version: 8.3.3.8
detected: True

Baidu
update: 20190318
version: 1.0.0.2
detected: False

Cynet
result: Malicious (score: 85)
update: 20200805
version: 4.0.0.24
detected: True

Cyren
result: W32/Trojan.BEJ.gen!Eldorado
update: 20200805
version: 6.3.0.2
detected: True

DrWeb
result: Trojan.PWS.Stealer.23680
update: 20200805
version: 7.0.46.3050
detected: True

GData
result: Trojan.GenericKD.31576365
update: 20200805
version: A:25.26485B:27.19697
detected: True

Panda
result: Trj/Genetic.gen
update: 20200805
version: 4.6.4.2
detected: True

VBA32
update: 20200805
version: 4.4.1
detected: False

VIPRE
result: Trojan.Win32.Generic!BT
update: 20200805
version: 85722
detected: True

Zoner
result: Trojan.Win32.74528
update: 20200805
version: 0.0.0.0
detected: True

ClamAV
update: 20200805
version: 0.102.4.0
detected: False

Comodo
result: Malware@#399mhe5h3qya0
update: 20200728
version: 32668
detected: True

F-Prot
result: W32/Trojan.BEJ.gen!Eldorado
update: 20200805
version: 4.7.1.166
detected: True

Ikarus
result: Trojan.MSIL.Inject
update: 20200805
version: 0.1.5.2
detected: True

McAfee
result: PUP-XHM-KF
update: 20200805
version: 6.0.6.653
detected: True

Rising
result: Trojan.Kryptik!8.8 (CLOUD)
update: 20200805
version: 25.0.0.26
detected: True

Sophos
result: Generic PUA FC (PUA)
update: 20200805
version: 4.98.0
detected: True

Yandex
result: Trojan.Kryptik!ejxx4zWW8g8
update: 20200707
version: 5.5.2.24
detected: True

Zillya
result: Trojan.Kryptik.Win32.1574692
update: 20200805
version: 2.0.0.4148
detected: True

Acronis
update: 20200603
version: 1.1.1.76
detected: False

Alibaba
result: Trojan:MSIL/Kryptik.ded29339
update: 20190527
version: 0.3.0.5
detected: True

Arcabit
result: Trojan.Generic.D1E1D12D
update: 20200805
version: 1.0.0.877
detected: True

Cylance
result: Unsafe
update: 20200805
version: 2.3.1.101
detected: True

Elastic
result: malicious (high confidence)
update: 20200727
version: 4.0.6
detected: True

FireEye
result: Generic.mg.89c133d4a01d7378
update: 20200805
version: 32.36.1.0
detected: True

Sangfor
result: Malware
update: 20200423
version: 1.0
detected: True

TACHYON
update: 20200805
version: 2020-08-05.02
detected: False

Tencent
result: Win32.Trojan.Inject.Auto
update: 20200805
version: 1.0.0.1
detected: True

ViRobot
update: 20200805
version: 2014.3.20.0
detected: False

Webroot
result: Trojan.Dropper.Gen
update: 20200805
version: 1.0.0.403
detected: True

eGambit
update: 20200805
detected: False

Ad-Aware
result: Trojan.GenericKD.31576365
update: 20200805
version: 3.0.5.370
detected: True

AegisLab
result: Riskware.MSIL.Agent.1!c
update: 20200805
version: 4.2
detected: True

Emsisoft
result: Trojan.Crypt (A)
update: 20200805
version: 2018.12.0.1641
detected: True

F-Secure
result: Heuristic.HEUR/AGEN.1101621
update: 20200805
version: 12.0.86.52
detected: True

Fortinet
result: MSIL/Kryptik.QPE!tr
update: 20200805
version: 6.2.142.0
detected: True

Invincea
result: heuristic
update: 20200502
version: 6.3.6.26157
detected: True

Jiangmin
result: NetTool.MSIL.im
update: 20200805
version: 16.0.100
detected: True

Kingsoft
update: 20200805
version: 2013.8.14.323
detected: False

Paloalto
result: generic.ml
update: 20200805
version: 1.0
detected: True

Symantec
result: ML.Attribute.HighConfidence
update: 20200805
version: 1.11.0.0
detected: True

AhnLab-V3
result: Trojan/Win32.MSIL.R220700
update: 20200805
version: 3.18.1.10026
detected: True

Antiy-AVL
result: RiskWare[NetTool]/MSIL.Agent
update: 20200805
version: 3.0.0.1
detected: True

Kaspersky
result: not-a-virus:HEUR:NetTool.MSIL.Agent.gen
update: 20200805
version: 15.0.1.13
detected: True

Microsoft
result: TrojanSpy:MSIL/Keylog.B
update: 20200805
version: 1.1.17300.4
detected: True

Qihoo-360
result: Win32/Virus.NetTool.e1f
update: 20200805
version: 1.0.0.1120
detected: True

ZoneAlarm
result: not-a-virus:HEUR:NetTool.MSIL.Agent.gen
update: 20200805
version: 1.0
detected: True

Cybereason
result: malicious.4a01d7
update: 20190616
version: 1.2.449
detected: True

ESET-NOD32
result: a variant of MSIL/Kryptik.QPE
update: 20200805
version: 21771
detected: True

TrendMicro
result: Trojan.MSIL.MALREP.THOABEAI
update: 20200805
version: 11.0.0.1006
detected: True

BitDefender
result: Trojan.GenericKD.31576365
update: 20200805
version: 7.2
detected: True

CrowdStrike
result: win/malicious_confidence_70% (W)
update: 20190702
version: 1.0
detected: True

K7AntiVirus
update: 20200805
version: 11.128.34908
detected: False

SentinelOne
result: DFI - Malicious PE
update: 20200725
version: 4.4.0.0
detected: True

Malwarebytes
result: Spyware.PasswordStealer
update: 20200805
version: 3.6.4.335
detected: True

TotalDefense
update: 20200804
version: 37.1.62.1
detected: False

CAT-QuickHeal
result: PUA.KeylogFC.S6053371
update: 20200805
version: 14.00
detected: True

NANO-Antivirus
result: Trojan.Win32.Stealer.fmlpzz
update: 20200805
version: 1.0.134.25119
detected: True

BitDefenderTheta
result: Gen:NN.ZemsilF.34152.0m0@aCL48So
update: 20200805
version: 7.2.37796.0
detected: True

MicroWorld-eScan
result: Trojan.GenericKD.31576365
update: 20200805
version: 14.0.409.0
detected: True

SUPERAntiSpyware
update: 20200731
version: 5.6.0.1032
detected: False

TrendMicro-HouseCall
result: Trojan.MSIL.MALREP.THOABEAI
update: 20200805
version: 10.0.0.1040
detected: True

total
70
sha256
71ef2fa09dcdf76fddedf5850962b6ab048d98b80913ee0cdebe0830c1a611cc
scan_id
71ef2fa09dcdf76fddedf5850962b6ab048d98b80913ee0cdebe0830c1a611cc-1596658485
resource
89c133d4a01d73783b7dd91c50dc7650
positives
56
scan_date
2020-08-05 20:14:45
verbose_msg
Scan finished, information embedded
response_code
1