System currently contains 114,360,659 malware samples.
| 28bf01a1990d2bed0045d6b1f40a731d77873c32a6d47798874261c1d2e62b6e |
| VirusShare info last updated 2026-06-23 00:00:00 UTC |
|
|
| MD5 | 8e00766f4d0f45ad46153487d8ebe6a5 |
| SHA1 | 62583fd02288fa9af8ec8cf3986f53480444c702 |
| SHA256 | 28bf01a1990d2bed0045d6b1f40a731d77873c32a6d47798874261c1d2e62b6e |
| SSDeep | 24576:e9C0XrUMFDsTB6vGPG2LW+P+mzRe+rYsVbjV0z:e9C0Xgfe2DRe+rZVbjU |
| Authentihash | 103eab485a570b26dd570c6128538375da81283df57500cfa1c8a1e99d7996b4 |
| Size | 912,490 bytes |
| File Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| Mime Type | application/x-dosexec |
| Extension | exe |
| TrID | Win32 EXE Yoda's Crypter (39.4%)
Microsoft Visual C++ compiled executable (generic) (24.5%)
Win32 Dynamic Link Library (generic) (9.7%)
Win16 NE executable (generic) (7.4%)
Win32 Executable (generic) (6.6%)
|
Detections
(46/54) | | ALYac | Trojan.Crypt.EJ | | APEX | Malicious | | Acronis | suspicious | | AhnLab-V3 | Worm/Win32.Socks.R74682 | | Antiy-AVL | Trojan[Ransom]/Win32.Blocker | | Arcabit | Trojan.Crypt.EJ | | Avira | TR/Crypt.XDR.Gen | | Bkav | W32.FamVT.SockTTc.Worm | | CAT-QuickHeal | Trojan.GenericPMF.S19863639 | | CTX | exe.trojan.crypt | | ClamAV | Win.Worm.Socks-10 | | CrowdStrike | win/malicious_confidence_100% (D) | | Cylance | Unsafe | | Cynet | Malicious (score: 100) | | DeepInstinct | MALICIOUS | | DrWeb | BackDoor.FireOn.51 | | Elastic | malicious (high confidence) | | Emsisoft | Trojan.Crypt.EJ (B) | | F-Secure | Trojan.TR/Crypt.XDR.Gen | | Fortinet | W32/Socks.NAK!tr | | GData | Win32.Trojan.PSE1.1TH90A0 | | Google | Detected | | Jiangmin | Worm/Socks.cg | | K7AntiVirus | Password-Stealer ( 00023ecb1 ) | | K7GW | Password-Stealer ( 00023ecb1 ) | | Kingsoft | malware.kb.a.1000 | | Malwarebytes | Sock.Backdoor.Bot.DDS | | McAfeeD | Real Protect-LS!8E00766F4D0F | | MicroWorld-eScan | Trojan.Crypt.EJ | | Microsoft | Trojan:Win32/Socks!pz | | NANO-Antivirus | Trojan.Win32.Socks.ddcdzy | | Rising | Stealer.Agent!1.BC5D (CLASSIC) | | Sangfor | Suspicious.Win32.Save.a | | SentinelOne | Static AI - Malicious PE | | Sophos | Troj/Agent-BHEU | | Tencent | Backdoor.Win32.Koceg.wa | | Trapmine | malicious.high.ml.score | | VIPRE | Trojan.Crypt.EJ | | Varist | W32/Socks.A.gen!Eldorado | | ViRobot | Worm.Win32.Socks.129137 | | Webroot | W32.Worm.Socks | | Xcitium | TrojWare.Win32.PSW.Agent.NHG@9m6f | | ZoneAlarm | Troj/Agent-BHEU | | alibabacloud | RansomWare:Win/Psw.88e1675c | | huorong | Trojan/Malex.e | | tehtris | Generic.Malware | | VirusTotal Report submitted 2026-06-21 20:12:40 UTC |
|
| ExIF Data | | CodeSize | 0 | | EntryPoint | 0x2b818 | | FileSize | 891 kB | | FileType | Win32 EXE | | FileTypeExtension | exe | | ImageFileCharacteristics | No relocs, Executable, No line numbers, No symbols, 32-bit | | ImageVersion | 0 | | InitializedDataSize | 25088 | | LinkerVersion | 6 | | MIMEType | application/octet-stream | | MachineType | Intel 386 or later, and compatibles | | OSVersion | 4 | | PEType | PE32 | | Subsystem | Windows GUI | | SubsystemVersion | 4 | | TimeStamp | 2008:03:24 17:31:42+00:00 | | UninitializedDataSize | 149504 |
|
