System currently contains 114,975,347 malware samples.
| b0c0e142ea62fc1106e9c87ed3edeaf2672c2b2f63ee980e234994f64bade96f |
| VirusShare info last updated 2026-07-13 00:00:03 UTC |
|
|
| MD5 | 2e8ff5b9b5a8e5e3432a78689ffa28c9 |
| SHA1 | 7e1870ef37238d44f308451210d5eca01bd56ded |
| SHA256 | b0c0e142ea62fc1106e9c87ed3edeaf2672c2b2f63ee980e234994f64bade96f |
| SSDeep | 3072:TxucEu6xTrEbICtI7DTcAOx/EmT3kg30eIhCWSCu1NIopzqth5Lt6VRvKxi:TYdrEhtI7DTkx/hT393pJT1zTXYi |
| Authentihash | 7649ff3e0cc7a5dbcf4c7ea4683f9913a33f6515b467e63fbf8e8934a5075ca1 |
| Size | 9,250,906 bytes |
| File Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| Mime Type | application/x-dosexec |
| Extension | exe |
| TrID | Windows Control Panel Item (generic) (31.4%) InstallShield setup (23.5%) Win32 Executable MS Visual C++ (generic) (17.0%) Microsoft Visual C++ compiled executable (generic) (9.0%) Win64 Executable (generic) (5.7%)
|
Detections (29/70) | | APEX | Malicious | | AVG | Win32:Malware-gen | | AhnLab-V3 | Malware/Win.Swisyn.R781210 | | Antiy-AVL | Trojan/Win32.Swisyn | | Avast | Win32:Malware-gen | | Bkav | W32.Malware.C7EDA10D | | ClamAV | Win.Malware.Swisyn-7008263-0 | | CrowdStrike | win/malicious_confidence_90% (D) | | Cylance | Unsafe | | Cynet | Malicious (score: 100) | | DeepInstinct | MALICIOUS | | DrWeb | Trojan.Muldrop8.54295 | | Elastic | malicious (high confidence) | | Fortinet | W32/Swisyn.R!tr | | Google | Detected | | Gridinsoft | Trojan.Heur!.03202201 | | Kingsoft | malware.kb.a.991 | | Malwarebytes | Malware.AI.3905647283 | | MaxSecure | Trojan.Malware.121218.susgen | | McAfeeD | Real Protect-LS!2E8FF5B9B5A8 | | Microsoft | Trojan:Win32/RootkitRevealer.SL!MTB | | NANO-Antivirus | Trojan.Win32.Swisyn.eyqdml | | Panda | Trj/Genetic.gen | | Sangfor | Trojan.Win32.Save.a | | SentinelOne | Static AI - Malicious PE | | Sophos | ML/PE-A | | Symantec | ML.Attribute.HighConfidence | | Varist | W32/Swisyn.R.gen!Eldorado | | Webroot | W32.Trojan.Gen | | VirusTotal Report submitted 2026-06-24 21:39:25 UTC |
|
| ExIF Data | | CharacterSet | Unicode | | CodeSize | 151552 | | Comments | | | CompanyName | Sysinternals - www.sysinternals.com | | EntryPoint | 0x8adef3 | | FileDescription | Rootkit detection utility | | FileFlags | (none) | | FileFlagsMask | 0x003f | | FileOS | Windows NT 32-bit | | FileSize | 8.8 MB | | FileSubtype | 0 | | FileType | Win32 EXE | | FileTypeExtension | exe | | FileVersion | 1.7 | | FileVersionNumber | 1.70.0.0 | | ImageFileCharacteristics | Executable, No line numbers, No symbols, 32-bit | | ImageVersion | 0 | | InitializedDataSize | 102400 | | InternalName | | | LanguageCode | English (U.S.) | | LegalCopyright | Copyright (C) 2005-2006 Bryce Cogswell and Mark Russinovich | | LegalTrademarks | | | LinkerVersion | 6 | | MIMEType | application/octet-stream | | MachineType | Intel 386 or later, and compatibles | | OSVersion | 4 | | ObjectFileType | Executable application | | OriginalFileName | | | PEType | PE32 | | PrivateBuild | | | ProductName | Sysinternals Rootkitrevealer | | ProductVersion | 1.7 | | ProductVersionNumber | 1.70.0.0 | | SpecialBuild | | | Subsystem | Windows GUI | | SubsystemVersion | 4 | | TimeStamp | 2006:02:01 23:02:14+00:00 | | UninitializedDataSize | 0 |
|