Binary
DLL False
Size 2.34MB
trid 26.8% InstallShield setup
     25.8% Win32 EXE PECompact compressed
     19.4% Win32 Executable MS Visual C++
     17.2% Win64 Executable
     4.0% Win32 Dynamic Link Library
type PE
wordsize 32
Subsystem Windows GUI
Hashes
md5 bdc95081431ac5a57c627333b9469115
sha1 fd19debe8f7dbec35939b9c1edcb519fbcfd3d6e
crc32 0xff892e74
sha224 8de4ec62252593b0c03c2b6b06bcf233964e45173fb544ea2f4d7cd7
sha256 01af2b435c53d006378c8b5353849e33e38f4c4233dac45b48813bf802eb4505
sha384 389b8530c5a7fe92e10b76d02e7de197bb81ec3bdde5ae729fb51e212c5e48850f4a3d4acb57b14d76d466e06d2515b2
sha512 18dc98dba29b02091e3d4f9736f5288bbc565801e37ae110764677c12873348b1f8658f5e676a504fef331fdc647b13a133036eef87afe9a92094298adb93159
ssdeep 49152:7PdIMoKUSgxr/nIiYWMf9dQnPoY20k0XgBq/bPEUpPhOZy+hz7FFUj9SD+swIOTz:7PdzSy5jKNOj+7
Report #335
Creation Date: Oct. 12, 2019, 1:47 a.m.
Last Update: Oct. 12, 2019, 2:50 a.m.
File:
031 Results:
Community
Google False
HashLib False
YARA
Matches IP, win_private_profile, Dropper_Strings, Intel_Virtualization_Wizard_exe, Borland_Delphi_30_, SharedStrings, BASE64_table, escalate_priv, DebuggerException__SetConsoleCtrl, Check_OutputDebugStringA_iat, network_dns, spreading_share, network_tcp_listen, create_service, antisb_threatExpert, Microsoft_Visual_Cpp_v50v60_MFC, cred_local, network_http, win_token, IsPE32, win_files_operation, win_hook, disable_dep, contentis_base64, network_tcp_socket, SEH__vectored, screenshot, Borland_Delphi_v40_v50, keylogger, win_mutex, Borland_Delphi_40_additional, DebuggerCheck__GlobalFlags, Misc_Suspicious_Strings, Borland_Delphi_40, migrate_apc, IsWindowsGUI, Check_Dlls, DebuggerHiding__Thread, network_udp_sock, anti_dbg, Borland_Delphi_Setup_Module, Borland_Delphi_DLL, DebuggerCheck__QueryInfo, url, android_meterpreter, win_registry, Typical_Malware_String_Transforms, HasOverlay, network_dga, Advapi_Hash_API, Borland_Delphi_30_additional, Borland_Delphi_v30, Big_Numbers5, System_Tools, create_com_service, powershell, Big_Numbers0
Suspicious True
Strings
List
<rdf:Description rdf:about="uuid:cf09c8e3-7814-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:b58a55db-7817-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:6f03c386-7819-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:880b6202-923d-11dc-bf0f-889ae1191ecf" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:b1be9614-923d-11dc-bf0f-889ae1191ecf" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:9ec20a53-923d-11dc-bf0f-889ae1191ecf" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:0bbddd83-7818-11dc-b3b7-80a45141ec24" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:0bbddd7d-7818-11dc-b3b7-80a45141ec24" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:df90b7af-923d-11dc-bf0f-889ae1191ecf" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:0bbddd7d-7818-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:0bbddd83-7818-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:6f03c386-7819-11dc-b3b7-80a45141ec24" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:b58a55db-7817-11dc-b3b7-80a45141ec24" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:cf09c8e3-7814-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:b58a55db-7817-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:70e47554-7818-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:6f03c386-7819-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:70e4755a-7818-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:70e47554-7818-11dc-b3b7-80a45141ec24" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:70e4755a-7818-11dc-b3b7-80a45141ec24" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:70e47554-7818-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:70e4755a-7818-11dc-b3b7-80a45141ec24" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
</dc:rights></rdf:Description><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:tiff="http://ns.adobe.com/tiff/1.0/"/><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:exif="http://ns.adobe.com/exif/1.0/"/></rdf:RDF></x:xmpmeta>
</dc:rights></rdf:Description><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:tiff="http://ns.adobe.com/tiff/1.0/"/><rdf:Description rdf:about="uuid:faf5bdd5-ba3d-11da-ad31-d33d75182f1b" xmlns:exif="http://ns.adobe.com/exif/1.0/"/></rdf:RDF></x:xmpmeta>
<rdf:Description rdf:about="uuid:df90b7af-923d-11dc-bf0f-889ae1191ecf" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:880b6202-923d-11dc-bf0f-889ae1191ecf" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:b1be9614-923d-11dc-bf0f-889ae1191ecf" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:c8e53c53-923d-11dc-bf0f-889ae1191ecf" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:9ec20a53-923d-11dc-bf0f-889ae1191ecf" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:9ec20a53-923d-11dc-bf0f-889ae1191ecf" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:c8e53c53-923d-11dc-bf0f-889ae1191ecf" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:b1be9614-923d-11dc-bf0f-889ae1191ecf" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:880b6202-923d-11dc-bf0f-889ae1191ecf" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:df90b7af-923d-11dc-bf0f-889ae1191ecf" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:cf09c8e3-7814-11dc-b3b7-80a45141ec24" xmlns:xapMM="http://ns.adobe.com/xap/1.0/mm/">
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:9ec20a53-923d-11dc-bf0f-889ae1191ecf" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:b1be9614-923d-11dc-bf0f-889ae1191ecf" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:df90b7af-923d-11dc-bf0f-889ae1191ecf" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:c8e53c53-923d-11dc-bf0f-889ae1191ecf" xmlns:pdf="http://ns.adobe.com/pdf/1.3/">
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:cf09c8e3-7814-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:6f03c386-7819-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:880b6202-923d-11dc-bf0f-889ae1191ecf" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:b58a55db-7817-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:c8e53c53-923d-11dc-bf0f-889ae1191ecf" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:70e4755a-7818-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:70e47554-7818-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:0bbddd7d-7818-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:0bbddd83-7818-11dc-b3b7-80a45141ec24" xmlns:xap="http://ns.adobe.com/xap/1.0/">
<rdf:Description rdf:about="uuid:0bbddd83-7818-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:0bbddd7d-7818-11dc-b3b7-80a45141ec24" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:c8e53c53-923d-11dc-bf0f-889ae1191ecf" xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
<rdf:Description rdf:about="uuid:b1be9614-923d-11dc-bf0f-889ae1191ecf" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:880b6202-923d-11dc-bf0f-889ae1191ecf" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:9ec20a53-923d-11dc-bf0f-889ae1191ecf" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:df90b7af-923d-11dc-bf0f-889ae1191ecf" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:b58a55db-7817-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:9ec20a53-923d-11dc-bf0f-889ae1191ecf" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:cf09c8e3-7814-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:c8e53c53-923d-11dc-bf0f-889ae1191ecf" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:70e47554-7818-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:6f03c386-7819-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:880b6202-923d-11dc-bf0f-889ae1191ecf" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:df90b7af-923d-11dc-bf0f-889ae1191ecf" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:b1be9614-923d-11dc-bf0f-889ae1191ecf" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:70e4755a-7818-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:70e47554-7818-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:b58a55db-7817-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:70e4755a-7818-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:6f03c386-7819-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:cf09c8e3-7814-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:0bbddd7d-7818-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:0bbddd83-7818-11dc-b3b7-80a45141ec24" xmlns:exif="http://ns.adobe.com/exif/1.0/">
<rdf:Description rdf:about="uuid:0bbddd83-7818-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
<rdf:Description rdf:about="uuid:0bbddd7d-7818-11dc-b3b7-80a45141ec24" xmlns:photoshop="http://ns.adobe.com/photoshop/1.0/">
qhttp://ns.adobe.com/xap/1.0/
qhttp://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
http://ns.adobe.com/xap/1.0/
=http://ns.adobe.com/xap/1.0/
=http://ns.adobe.com/xap/1.0/
=http://ns.adobe.com/xap/1.0/
=http://ns.adobe.com/xap/1.0/
=http://ns.adobe.com/xap/1.0/
=http://ns.adobe.com/xap/1.0/
<rdf:Description rdf:about="uuid:1acf7d56-923e-11dc-bf0f-889ae1191ecf" xmlns:dc="http://purl.org/dc/elements/1.1/">
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
Foremost
Matches 0.exe, 343 KB
Suspicious True
Heuristics
IPs
  hasIPs: True
  Allowed: 3.9.139.161, 1, ec2-3-9-139-161.eu-west-2.compute.amazonaws.com.
  Suspicious: none
  hasAllowed: True  hasSuspicious: False
URLs
  hasURLs: False
  Allowed: none  Suspicious: none
  hasAllowed: False  hasSuspicious: False
Files
  hasFiles: True
  Allowed: ADVAPI32.dll, msvcrt.dll, ntdll.dll, NMM.dll, KERNEL32.dll, GDI32.dll, USER32.dll
  Suspicious: none
  hasAllowed: True  hasSuspicious: False
Binary
  Sizes
    RVA: 16  Suspicious: False
    Code Size: 296448  Suspicious: False
    Image Address: 4194304  Suspicious: False
    Stack: 4096  Suspicious: False
    Headers: 1024  Suspicious: False
    Suspicious: False
  Symbols
    Number: 0  Suspicious: True
    Pointer: 0  Suspicious: True
  Directories
    Number: 16  Suspicious: False
  Checksum
    Value: 392668  Suspicious: False
  Sections
    Allowed: .text, .data, .rdata, .bss, .idata, .crt, .tls, .rsrc
    Suspicious: none
    hasAllowed: True  hasSections: True  hasSuspicious: False
  Versions
    OS Version: 4  Suspicious: False
    Image Version: 4  Suspicious: False
    Linker Version: 2.23  Suspicious: False
    Subsystem Version: 4.0  Suspicious: False
    Suspicious: False
  EntryPoint
    Address: 11212  Suspicious: False
  Anomalies
    Anomalies: The header checksum and the calculated checksum do not match.
    hasAnomalies: True
  Libraries
    hasLibs: True
    Allowed: advapi32.dll, msvcrt.dll, ntdll.dll, kernel32.dll, gdi32.dll, user32.dll
    Suspicious: nmm.dll
    hasAllowed: True  hasSuspicious: True
  Timestamp
    Value: 2011-04-27 11:15:48
    Valid: True  Past: False  Future: False
  Compilation
    Compiled: True
    Compilers: Borland Delphi 3.0 (???), Borland Delphi 4.0
    Packers
      Packed: False  Missing: False
  Obfuscation
    XOR: True
    Fuzzing: False
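The Anomalies entry above reports that the header checksum and the calculated checksum disagree. The Python below is an added example, not part of the original report or of the analysis tool that produced it: it recomputes IMAGE_OPTIONAL_HEADER.CheckSum with the algorithm imagehlp's MapFileAndCheckSum uses (one's-complement sum of all 16-bit words, with the CheckSum field itself treated as zero, plus the file length) and compares the result with the stored value. The PE skeleton it builds is constructed for the demonstration and is not the Kovter sample; point verify_file() at a real binary to reproduce the check. Only kernel drivers and a few system components are required to carry a valid checksum, so a stored value of 0 is common in benign software and means little; a value that is non-zero and wrong, as here (392668 stored, mismatch reported), indicates the file was altered after the linker wrote it, which is consistent with the HasOverlay YARA hit above.

```python
"""Recompute and verify the PE header CheckSum (added example, not report output)."""
from __future__ import annotations

import struct


def checksum_field_offset(data: bytes) -> int:
    """File offset of IMAGE_OPTIONAL_HEADER.CheckSum.

    e_lfanew (DOS header offset 0x3C) points at "PE\0\0"; the COFF file
    header that follows is 20 bytes; CheckSum sits at optional-header
    offset 64 for both PE32 and PE32+.
    """
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    return e_lfanew + 4 + 20 + 64


def stored_checksum(data: bytes) -> int:
    return struct.unpack_from("<I", data, checksum_field_offset(data))[0]


def compute_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit LE words, skipping the CheckSum dword,
    plus the file length. Assumes the header is word aligned (e_lfanew even)."""
    skip = checksum_field_offset(data)
    # A trailing odd byte is treated as a word whose high byte is zero.
    padded = data + (b"\0" if len(data) % 2 else b"")
    total = 0
    for off in range(0, len(padded), 2):
        if skip <= off < skip + 4:
            continue
        total += struct.unpack_from("<H", padded, off)[0]
        total = (total & 0xFFFF) + (total >> 16)  # end-around carry
    total = (total & 0xFFFF) + (total >> 16)      # fold any final carry
    return total + len(data)


def verify_checksum(data: bytes) -> tuple[bool, int, int]:
    """Return (matches, stored, calculated)."""
    stored = stored_checksum(data)
    calculated = compute_checksum(data)
    return stored == calculated, stored, calculated


def verify_file(path: str) -> tuple[bool, int, int]:
    with open(path, "rb") as fh:
        return verify_checksum(fh.read())


def set_checksum(data: bytes, value: int) -> bytes:
    """Return a copy of the image with the CheckSum field replaced."""
    off = checksum_field_offset(data)
    return data[:off] + struct.pack("<I", value) + data[off + 4:]


def build_sample_pe() -> bytes:
    """Constructed PE32 skeleton for the demo (not a real executable).

    Only the fields the checksum code reads are meaningful; the optional
    header is zero apart from Magic, so CheckSum starts out as 0."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                     # e_lfanew
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0x4D4D4D4D, 0, 0, 224, 0x0102)
    optional = bytearray(224)
    struct.pack_into("<H", optional, 0, 0x010B)               # PE32 magic
    body = bytes(range(256)) * 3 + b"\x90"                    # odd length on purpose
    return bytes(dos) + b"PE\0\0" + coff + bytes(optional) + body


if __name__ == "__main__":
    sample = build_sample_pe()
    ok, stored, calc = verify_checksum(sample)
    print(f"stored=0x{stored:08x} calculated=0x{calc:08x} match={ok}")
    fixed = set_checksum(sample, calc)
    print("after patching the field:", verify_checksum(fixed)[0])
```

In a triage pipeline the useful signal is the combination stored != 0 and stored != calculated; treat a zero stored value as "not set" rather than as tampering.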
PEDetector
Matches None
Suspicious False
Disassembly
hasTricks: True
Tricks (occurrences per section)
Trick | .text | .data | .rdata | .rsrc
pushret | 4 | 69 | 65 | 2
nopsequence | 207 | - | - | -
pushpopmath | 1 | 46 | 40 | -
ss register | - | - | 1 | -
garbagebytes | 4 | 24 | 26 | -
hookdetection | - | 3 | 2 | -
software breakpoint | - | 2 | - | -
fakeconditionaljumps | 2 | 1 | 1 | -
programcontrolflowchange | 4 | 23 | 25 | -
cpuinstructionsresultscomparison | - | 3 | 1 | -
AVclass
kovter 1
VirusTotal
md5 bdc95081431ac5a57c627333b9469115
sha1 fd19debe8f7dbec35939b9c1edcb519fbcfd3d6e
SCANS (DETECTION RATE = 75.71%)
Engine | Result | Update | Version | Detected
AVG | Win32:Malware-gen | 20190912 | 18.4.3895.0 | True
CMC | - | 20190321 | 1.1.0.977 | False
MAX | malware (ai score=82) | 20190912 | 2018.9.12.1 | True
APEX | Malicious | 20190910 | 5.62 | True
Bkav | - | 20190911 | 1.3.0.10239 | False
K7GW | Trojan ( 0050b0231 ) | 20190911 | 11.66.31978 | True
ALYac | Trojan.GenericKD.4800676 | 20190912 | 1.1.1.5 | True
Avast | Win32:Malware-gen | 20190912 | 18.4.3895.0 | True
Avira | HEUR/AGEN.1018722 | 20190912 | 8.3.3.8 | True
Baidu | - | 20190318 | 1.0.0.2 | False
Cyren | W32/Kovter.T.gen!Eldorado | 20190912 | 6.2.0.1 | True
DrWeb | Trojan.SpyBot.703 | 20190912 | 7.0.41.7240 | True
GData | Win32.Trojan.Kovter.MUKZJH | 20190912 | A:25.23353B:26.16009 | True
Panda | Trj/CI.A | 20190911 | 4.6.4.2 | True
VBA32 | BScope.Trojan.Bagsu | 20190911 | 4.0.0 | True
VIPRE | Trojan.Win32.Kovter.ab (v) | 20190912 | 77812 | True
Zoner | - | 20190911 | 1.0.0.1 | False
ClamAV | - | 20190911 | 0.101.4.0 | False
Comodo | - | 20190912 | 31462 | False
F-Prot | W32/Kovter.T.gen!Eldorado | 20190912 | 4.7.1.166 | True
Ikarus | Trojan.Win32.Crypt | 20190911 | 0.1.5.2 | True
McAfee | GenericRXBE-ZR!BDC95081431A | 20190912 | 6.0.6.653 | True
Rising | Ransom.Tovicrypt!8.9F4B (TFE:2:xno2oS6q7gQ) | 20190912 | 25.0.0.24 | True
Sophos | Mal/Generic-S | 20190912 | 4.98.0 | True
Yandex | Trojan.Agent!jro3XfNjwFk | 20190910 | 5.5.2.24 | True
Zillya | Trojan.Kryptik.Win32.1417972 | 20190911 | 2.0.0.3898 | True
Acronis | suspicious | 20190904 | 1.1.1.56 | True
Alibaba | Trojan:Win32/Kovter.cb7515d5 | 20190527 | 0.3.0.5 | True
Arcabit | Trojan.Generic.D4940A4 | 20190912 | 1.0.0.856 | True
Cylance | Unsafe | 20190912 | 2.3.1.101 | True
Endgame | malicious (high confidence) | 20190819 | 3.0.14 | True
FireEye | Generic.mg.bdc95081431ac5a5 | 20190912 | 29.7.0.0 | True
TACHYON | - | 20190912 | 2019-09-12.02 | False
Tencent | - | 20190912 | 1.0.0.1 | False
ViRobot | Trojan.Win32.Z.Kovter.2451570 | 20190911 | 2014.3.20.0 | True
Webroot | - | 20190912 | 1.0.0.403 | False
eGambit | Trojan.Generic | 20190912 | v5.0.5 | True
Ad-Aware | Trojan.GenericKD.4800676 | 20190912 | 3.0.5.370 | True
AegisLab | Trojan.Win32.Generic.4!c | 20190912 | 4.2 | True
Emsisoft | Trojan.GenericKD.4800676 (B) | 20190912 | 2018.12.0.1641 | True
F-Secure | Heuristic.HEUR/AGEN.1018722 | 20190912 | 12.0.86.52 | True
Fortinet | W32/GenKryptik.ACZR!tr | 20190912 | 5.4.247.0 | True
Invincea | - | 20190904 | 6.3.6.26157 | False
Jiangmin | - | 20190912 | 16.0.100 | False
Kingsoft | - | 20190912 | 2013.8.14.323 | False
Paloalto | generic.ml | 20190912 | 1.0 | True
Symantec | Ransom.Kovter | 20190912 | 1.10.0.0 | True
Trapmine | malicious.high.ml.score | 20190826 | 3.1.81.800 | True
AhnLab-V3 | Trojan/Win32.Poweliks.R211930 | 20190911 | 3.16.1.25089 | True
Antiy-AVL | Trojan/Win32.Poweliks | 20190912 | 3.0.0.1 | True
Kaspersky | HEUR:Trojan.Win32.Generic | 20190912 | 15.0.1.13 | True
Microsoft | Trojan:Win32/Kovter.I | 20190912 | 1.1.16300.1 | True
Qihoo-360 | - | 20190912 | 1.0.0.1120 | False
ZoneAlarm | HEUR:Trojan.Win32.Generic | 20190912 | 1.0 | True
Cybereason | malicious.1431ac | 20190616 | 1.2.449 | True
ESET-NOD32 | a variant of Win32/Kryptik.FRCN | 20190912 | 20005 | True
TrendMicro | TROJ_GEN.R002C0DI619 | 20190912 | 11.0.0.1006 | True
BitDefender | Trojan.GenericKD.4800676 | 20190912 | 7.2 | True
CrowdStrike | win/malicious_confidence_100% (W) | 20190702 | 1.0 | True
K7AntiVirus | Trojan ( 0050b0231 ) | 20190912 | 11.66.31985 | True
SentinelOne | DFI - Malicious PE | 20190807 | 1.0.31.22 | True
Avast-Mobile | - | 20190911 | 190911-02 | False
Malwarebytes | - | 20190912 | 2.1.1.1115 | False
TotalDefense | - | 20190912 | 37.1.62.1 | False
CAT-QuickHeal | Trojan.Generic | 20190909 | 14.00 | True
NANO-Antivirus | Virus.Win32.Gen.ccmw | 20190912 | 1.0.134.24859 | True
MicroWorld-eScan | Trojan.GenericKD.4800676 | 20190912 | 14.0.297.0 | True
SUPERAntiSpyware | - | 20190906 | 5.6.0.1032 | False
McAfee-GW-Edition | GenericRXBE-ZR!BDC95081431A | 20190911 | v2017.3010 | True
TrendMicro-HouseCall | TROJ_GEN.R002C0DI619 | 20190912 | 10.0.0.1040 | True
total 70
sha256 01af2b435c53d006378c8b5353849e33e38f4c4233dac45b48813bf802eb4505
scan_id 01af2b435c53d006378c8b5353849e33e38f4c4233dac45b48813bf802eb4505-1568270761
resource bdc95081431ac5a57c627333b9469115
permalink https://www.virustotal.com/file/01af2b435c53d006378c8b5353849e33e38f4c4233dac45b48813bf802eb4505/analysis/1568270761/
positives 53
scan_date 2019-09-12 06:46:01
verbose_msg Scan finished, information embedded
response_code 1
Results
Random Forest detected: TBD confidence: TBD