VirusShare.com

VirusShare.com - Because Sharing is Caring

Home • Hashes • Research • About • Swag Shop

Account: Login

Please login to search and download.

System currently contains 108,316,219 malware samples.

Report for a sample recently added to the system:

81a127c1ded39b72cb53b2150ef42e1a96dad72de568689738ed10b43ceb3572
VirusShare info last updated 2026-01-21 00:00:01 UTC

Detected by 57 engines

MD5 158c994a5541e48cf9388fa3816c5bcf

SHA1 c7b1d26c194dc9d073b71406cbd753465e2b904f

SHA256 81a127c1ded39b72cb53b2150ef42e1a96dad72de568689738ed10b43ceb3572
SSDeep 3072:hb3uhnk4Nn++oIWaY+13Vdmi3ZYIA35aDrm9GoWTtcr3ZRq4HO0dG237/FnncrdW:h0nk4Z++xWaY+dVYiJYIMKm4omcrpRHS
Authentihash 37bd2fd2541b1cc5c1a3e6902c72539d02ec44ab2c4541ab8fc2c6afb0cbd6ae
Size 143,318 bytes

File Type PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows

Mime Type application/x-dosexec
Extension exe
TrID Microsoft Visual C++ compiled executable (generic) (32.2%)
Win64 Executable (generic) (20.5%)
Win32 Dynamic Link Library (generic) (12.8%)
Win16 NE executable (generic) (9.8%)
Win32 Executable (generic) (8.7%)
Detections
(57/71)
ALYac Gen:Variant.Application.babar.21970
APEX Malicious
AVG Win32:Banker-LAA [Trj]
Acronis suspicious
AhnLab-V3 PUP/Win32.Snojan.R217833
Antiy-AVL Trojan[Downloader]/Win32.Snojan.eiqu
Arcabit Trojan.Application.babar.D55D2
Avast Win32:Banker-LAA [Trj]
BitDefender Gen:Variant.Application.babar.21970
Bkav W32.AIDetectMalware
CAT-QuickHeal Trojan.AgentbIH.S20216328
CTX exe.unknown.babar
ClamAV Win.Malware.Cymt-10023133-0
CrowdStrike win/malicious_confidence_100% (D)
Cylance Unsafe
Cynet Malicious (score: 100)
DeepInstinct MALICIOUS
DrWeb Tool.Snojan.1
ESET-NOD32 Win32/Agent.AAEF trojan
Elastic malicious (high confidence)
Emsisoft Gen:Variant.Application.babar.21970 (B)
Fortinet W32/Agent.AAEF!tr
GData Win32.Application.Snojan.A
Google Detected
Gridinsoft Trojan.Win32.Agent.oa!s1
Ikarus Trojan.Win32.Agent
Jiangmin Downloader.Snojan.adp
K7AntiVirus Trojan ( 005c835f1 )
K7GW Trojan ( 005464da1 )
Kaspersky Flooder.Win32.CoreWarrior.x
Kingsoft malware.kb.a.859
Malwarebytes Trojan.Xorist
MaxSecure Virus.W32.CoreWarrior.a_S01
McAfeeD ti!81A127C1DED3
MicroWorld-eScan Gen:Variant.Application.babar.21970
Microsoft Trojan:Win32/CoreWarrior.DA!MTB
Panda Trj/Genetic.gen
Rising Trojan.Agent!1.DEC9 (CLASSIC)
SUPERAntiSpyware Trojan.Agent/Gen-Banker
Sangfor Trojan.Win32.Save.a
SentinelOne Static AI - Malicious PE
Skyhigh BehavesLike.Win32.FE_Trojan_Win.ch
Sophos Troj/Flooder-FQ
Symantec Hacktool.Flooder
Tencent Trojan-DL.Win32.Small.hae
TrellixENS GenericRXWN-SW!158C994A5541
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9t
VBA32 BScope.Trojan.Agentb
VIPRE Gen:Variant.Application.babar.21970
Varist W32/Trojan.OJFL-7110
VirIT Trojan.Win32.Agent.CWE
Webroot W32.Malware.gen
Yandex Trojan.GenAsa!+IN19GpQULE
Zillya Trojan.Agent.Win32.3885903
ZoneAlarm Troj/Flooder-FQ
alibabacloud Trojan[downloader]:Win/Nemucod.f70c2531
huorong TrojanDownloader/Small.es
VirusTotal Report submitted 2026-01-18 01:49:23 UTC
ExIF Data
CodeSize 118784
EntryPoint 0x1130
FileSize 140 kB
FileType Win32 EXE
FileTypeExtension exe
ImageFileCharacteristics Executable, No line numbers, No symbols, 32-bit, No debug
ImageVersion 1
InitializedDataSize 22528
LinkerVersion 2.56
MIMEType application/octet-stream
MachineType Intel 386 or later, and compatibles
OSVersion 4
PEType PE32
Subsystem Windows command line
SubsystemVersion 4
TimeStamp 2014:07:01 18:02:13+00:00
UninitializedDataSize 512