7caa500b60a536d7501e7a6c02408538
Hash
- MD5: 7caa500b60a536d7501e7a6c02408538
- SHA1: fc64e8ee470dce02945bce7e897cce78983eefdd
- SHA256: e777a78c907979591ae858a825b46d5e16754aa803cc7f284fd7709bccafadcc
- First Seen: 2017-08-24
- Last Seen: 2017-08-24
-
1
Related Reports
-
0
Related IOCs
Additional Information
VirusTotal
{
"data": {
"id": "e777a78c907979591ae858a825b46d5e16754aa803cc7f284fd7709bccafadcc",
"type": "file",
"links": {
"self": "https://www.virustotal.com/api/v3/files/e777a78c907979591ae858a825b46d5e16754aa803cc7f284fd7709bccafadcc"
},
"attributes": {
"type_tag": "peexe",
"last_analysis_stats": {
"malicious": 37,
"suspicious": 0,
"undetected": 35,
"harmless": 0,
"timeout": 0,
"confirmed-timeout": 0,
"failure": 1,
"type-unsupported": 2
},
"first_submission_date": 1500942929,
"type_description": "Win32 EXE",
"last_submission_date": 1500945782,
"tags": [
"peexe"
],
"sha1": "fc64e8ee470dce02945bce7e897cce78983eefdd",
"trid": [
{
"file_type": "Win32 Executable MS Visual C++ (generic)",
"probability": 34.6
},
{
"file_type": "Win64 Executable (generic)",
"probability": 30.6
},
{
"file_type": "Win16 NE executable (generic)",
"probability": 15.6
},
{
"file_type": "Win32 Dynamic Link Library (generic)",
"probability": 7.3
},
{
"file_type": "Win32 Executable (generic)",
"probability": 5.0
}
],
"vhash": "094056655d15551az4f7z304jz57z",
"md5": "7caa500b60a536d7501e7a6c02408538",
"first_seen_itw_date": 1502386855,
"pe_info": {
"timestamp": 1498491383,
"imphash": "e87734b4ab493a453b2015d37010129b",
"machine_type": 332,
"entry_point": 21161,
"resource_details": [
{
"lang": "ENGLISH US",
"chi2": 3958.6474609375,
"filetype": "ASCII text",
"entropy": 4.795973777770996,
"sha256": "49a60be4b95b6d30da355a0c124af82b35000bce8f24f957d1c09ead47544a1e",
"type": "RT_MANIFEST"
}
],
"resource_langs": {
"ENGLISH US": 1
},
"resource_types": {
"RT_MANIFEST": 1
},
"sections": [
{
"name": ".text",
"chi2": 378687.13,
"virtual_address": 4096,
"flags": "rx",
"raw_size": 62464,
"entropy": 6.58,
"virtual_size": 61992,
"md5": "9c0a9d5fa960d92acac567b2f45848ec"
},
{
"name": ".rdata",
"chi2": 263508.75,
"virtual_address": 69632,
"flags": "r",
"raw_size": 14848,
"entropy": 5.78,
"virtual_size": 14674,
"md5": "9e53f0e71829d9771ca7c6b89a06987d"
},
{
"name": ".data",
"chi2": 710451.63,
"virtual_address": 86016,
"flags": "rw",
"raw_size": 4608,
"entropy": 2.15,
"virtual_size": 11968,
"md5": "6e2d2204670b0cc1dcf7953d185652e0"
},
{
"name": ".rsrc",
"chi2": 5159.0,
"virtual_address": 98304,
"flags": "r",
"raw_size": 512,
"entropy": 5.1,
"virtual_size": 436,
"md5": "bd818411e8499957c9e7bf18e6e80a50"
},
{
"name": ".reloc",
"chi2": 395936.06,
"virtual_address": 102400,
"flags": "r",
"raw_size": 6656,
"entropy": 4.49,
"virtual_size": 6428,
"md5": "ca83c681214d8039ea2cdfaade33dcb0"
}
],
"import_list": [
{
"library_name": "KERNEL32.dll",
"imported_functions": [
"GetLastError",
"InitializeCriticalSectionAndSpinCount",
"HeapFree",
"GetStdHandle",
"EnterCriticalSection",
"LCMapStringW",
"SetHandleCount",
"TerminateThread",
"WaitForSingleObject",
"GetOEMCP",
"LCMapStringA",
"IsDebuggerPresent",
"GetTickCount",
"TlsAlloc",
"GetEnvironmentStringsW",
"FlushFileBuffers",
"LoadLibraryA",
"RtlUnwind",
"GetModuleFileNameA",
"GetLocalTime",
"GetACP",
"FreeEnvironmentStringsA",
"CreatePipe",
"GetStartupInfoA",
"GetEnvironmentStrings",
"GetConsoleMode",
"GetLocaleInfoA",
"GetCurrentProcessId",
"GetConsoleOutputCP",
"WriteConsoleW",
"OpenFileMappingA",
"UnhandledExceptionFilter",
"InterlockedDecrement",
"MultiByteToWideChar",
"HeapSize",
"SetStdHandle",
"FreeEnvironmentStringsW",
"GetCPInfo",
"GetCommandLineA",
"GetProcAddress",
"TlsFree",
"GetProcessHeap",
"GetConsoleCP",
"ExitProcess",
"RaiseException",
"CreateThread",
"GetStringTypeA",
"SetFilePointer",
"DeleteCriticalSection",
"ReadFile",
"SetUnhandledExceptionFilter",
"WriteFile",
"GetCurrentProcess",
"CloseHandle",
"GetSystemTimeAsFileTime",
"GetSystemDirectoryA",
"HeapReAlloc",
"GetStringTypeW",
"GetModuleHandleW",
"TerminateProcess",
"CreateProcessA",
"QueryPerformanceCounter",
"WideCharToMultiByte",
"IsValidCodePage",
"HeapCreate",
"VirtualFree",
"WriteConsoleA",
"TlsGetValue",
"Sleep",
"GetFileType",
"SetEndOfFile",
"TlsSetValue",
"CreateFileA",
"HeapAlloc",
"GetCurrentThreadId",
"InterlockedIncrement",
"VirtualAlloc",
"SetLastError",
"LeaveCriticalSection"
]
},
{
"library_name": "WS2_32.dll",
"imported_functions": [
"ntohl",
"__WSAFDIsSet",
"closesocket",
"inet_addr",
"recv"
]
},
{
"library_name": "ole32.dll",
"imported_functions": [
"CoCreateInstance",
"CoInitialize",
"CoSetProxyBlanket"
]
},
{
"library_name": "OLEAUT32.dll",
"imported_functions": [
"SysFreeString",
"VariantClear",
"VariantInit",
"SysAllocString"
]
}
]
},
"unique_sources": 2,
"names": [
"log.php"
],
"last_modification_date": 1724425395,
"magic": "PE32 executable for MS Windows (GUI) Intel 80386 32-bit",
"creation_date": 1498491383,
"authentihash": "4906c5cdad228298acd8882934d06ba5d4022269642ce07d7fef60266f085155",
"times_submitted": 2,
"ssdeep": "1536:zq7vvyRt/GQ/hdYbP+tsHi8DXP3Er/MrgIj5vF7w5T/k:O7vv2xjhd2+/YBjf7w5Tc",
"type_tags": [
"executable",
"windows",
"win32",
"pe",
"peexe"
],
"sha256": "e777a78c907979591ae858a825b46d5e16754aa803cc7f284fd7709bccafadcc",
"last_analysis_date": 1595377344,
"last_analysis_results": {
"Bkav": {
"method": "blacklist",
"engine_name": "Bkav",
"engine_version": "1.3.0.9899",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"MicroWorld-eScan": {
"method": "blacklist",
"engine_name": "MicroWorld-eScan",
"engine_version": "14.0.409.0",
"engine_update": "20200722",
"category": "malicious",
"result": "Gen:Variant.Fugrafa.10612"
},
"FireEye": {
"method": "blacklist",
"engine_name": "FireEye",
"engine_version": "32.36.1.0",
"engine_update": "20200722",
"category": "malicious",
"result": "Gen:Variant.Fugrafa.10612"
},
"McAfee": {
"method": "blacklist",
"engine_name": "McAfee",
"engine_version": "6.0.6.653",
"engine_update": "20200722",
"category": "malicious",
"result": "Artemis!7CAA500B60A5"
},
"ALYac": {
"method": "blacklist",
"engine_name": "ALYac",
"engine_version": "1.1.1.5",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan.Agent.90112R"
},
"Cylance": {
"method": "blacklist",
"engine_name": "Cylance",
"engine_version": "2.3.1.101",
"engine_update": "20200722",
"category": "malicious",
"result": "Unsafe"
},
"Zillya": {
"method": "blacklist",
"engine_name": "Zillya",
"engine_version": "2.0.0.4134",
"engine_update": "20200721",
"category": "malicious",
"result": "Trojan.Katusha.Win32.49012"
},
"SUPERAntiSpyware": {
"method": "blacklist",
"engine_name": "SUPERAntiSpyware",
"engine_version": "5.6.0.1032",
"engine_update": "20200717",
"category": "undetected",
"result": null
},
"Sangfor": {
"method": "blacklist",
"engine_name": "Sangfor",
"engine_version": "1.0",
"engine_update": "20200423",
"category": "undetected",
"result": null
},
"K7AntiVirus": {
"method": "blacklist",
"engine_name": "K7AntiVirus",
"engine_version": "11.123.34770",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Alibaba": {
"method": "blacklist",
"engine_name": "Alibaba",
"engine_version": "0.3.0.5",
"engine_update": "20190527",
"category": "undetected",
"result": null
},
"K7GW": {
"method": "blacklist",
"engine_name": "K7GW",
"engine_version": "11.123.34770",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Cybereason": {
"method": "blacklist",
"engine_name": "Cybereason",
"engine_version": "1.2.449",
"engine_update": "20190616",
"category": "malicious",
"result": "malicious.b60a53"
},
"Arcabit": {
"method": "blacklist",
"engine_name": "Arcabit",
"engine_version": "1.0.0.877",
"engine_update": "20200721",
"category": "malicious",
"result": "Trojan.Fugrafa.D2974"
},
"Invincea": {
"method": "blacklist",
"engine_name": "Invincea",
"engine_version": "6.3.6.26157",
"engine_update": "20200502",
"category": "undetected",
"result": null
},
"Baidu": {
"method": "blacklist",
"engine_name": "Baidu",
"engine_version": "1.0.0.2",
"engine_update": "20190318",
"category": "undetected",
"result": null
},
"F-Prot": {
"method": "blacklist",
"engine_name": "F-Prot",
"engine_version": "4.7.1.166",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Symantec": {
"method": "blacklist",
"engine_name": "Symantec",
"engine_version": "1.11.0.0",
"engine_update": "20200721",
"category": "malicious",
"result": "ML.Attribute.HighConfidence"
},
"TotalDefense": {
"method": "blacklist",
"engine_name": "TotalDefense",
"engine_version": "37.1.62.1",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"APEX": {
"method": "blacklist",
"engine_name": "APEX",
"engine_version": "6.49",
"engine_update": "20200720",
"category": "malicious",
"result": "Malicious"
},
"Avast": {
"method": "blacklist",
"engine_name": "Avast",
"engine_version": "18.4.3895.0",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"ClamAV": {
"method": "blacklist",
"engine_name": "ClamAV",
"engine_version": "0.102.4.0",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"GData": {
"method": "blacklist",
"engine_name": "GData",
"engine_version": "A:25.26307B:27.19532",
"engine_update": "20200722",
"category": "malicious",
"result": "Gen:Variant.Fugrafa.10612"
},
"Kaspersky": {
"method": "blacklist",
"engine_name": "Kaspersky",
"engine_version": "15.0.1.13",
"engine_update": "20200722",
"category": "malicious",
"result": "HEUR:Trojan.Win32.Generic"
},
"BitDefender": {
"method": "blacklist",
"engine_name": "BitDefender",
"engine_version": "7.2",
"engine_update": "20200721",
"category": "malicious",
"result": "Gen:Variant.Fugrafa.10612"
},
"NANO-Antivirus": {
"method": "blacklist",
"engine_name": "NANO-Antivirus",
"engine_version": "1.0.134.25119",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan.Win32.Agent.ernbap"
},
"Paloalto": {
"method": "blacklist",
"engine_name": "Paloalto",
"engine_version": "1.0",
"engine_update": "20200722",
"category": "malicious",
"result": "generic.ml"
},
"ViRobot": {
"method": "blacklist",
"engine_name": "ViRobot",
"engine_version": "2014.3.20.0",
"engine_update": "20200721",
"category": "malicious",
"result": "Trojan.Win32.Agent.90112.FS"
},
"Tencent": {
"method": "blacklist",
"engine_name": "Tencent",
"engine_version": "1.0.0.1",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Endgame": {
"method": "blacklist",
"engine_name": "Endgame",
"engine_version": "4.0.5",
"engine_update": "20200608",
"category": "undetected",
"result": null
},
"TACHYON": {
"method": "blacklist",
"engine_name": "TACHYON",
"engine_version": "2020-07-21.03",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Sophos": {
"method": "blacklist",
"engine_name": "Sophos",
"engine_version": "4.98.0",
"engine_update": "20200721",
"category": "malicious",
"result": "Mal/Generic-S"
},
"Comodo": {
"method": "blacklist",
"engine_name": "Comodo",
"engine_version": "32648",
"engine_update": "20200721",
"category": "malicious",
"result": "Malware@#30k25grhg8wal"
},
"F-Secure": {
"method": "blacklist",
"engine_name": "F-Secure",
"engine_version": "12.0.86.52",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"DrWeb": {
"method": "blacklist",
"engine_name": "DrWeb",
"engine_version": "7.0.46.3050",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"VIPRE": {
"method": "blacklist",
"engine_name": "VIPRE",
"engine_version": "85370",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan.Win32.Generic!BT"
},
"TrendMicro": {
"method": "blacklist",
"engine_name": "TrendMicro",
"engine_version": "11.0.0.1006",
"engine_update": "20200722",
"category": "malicious",
"result": "TROJ_KRYPTIK.XXUGI"
},
"Trapmine": {
"method": "blacklist",
"engine_name": "Trapmine",
"engine_version": "3.5.0.987",
"engine_update": "20200619",
"category": "malicious",
"result": "suspicious.low.ml.score"
},
"CMC": {
"method": "blacklist",
"engine_name": "CMC",
"engine_version": "2.7.2019.1",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Emsisoft": {
"method": "blacklist",
"engine_name": "Emsisoft",
"engine_version": "2018.12.0.1641",
"engine_update": "20200721",
"category": "malicious",
"result": "Gen:Variant.Fugrafa.10612 (B)"
},
"SentinelOne": {
"method": "blacklist",
"engine_name": "SentinelOne",
"engine_version": "4.4.0.281",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Cyren": {
"method": "blacklist",
"engine_name": "Cyren",
"engine_version": "6.3.0.2",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Jiangmin": {
"method": "blacklist",
"engine_name": "Jiangmin",
"engine_version": "16.0.100",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan.Generic.bhluy"
},
"Webroot": {
"method": "blacklist",
"engine_name": "Webroot",
"engine_version": "1.0.0.403",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Avira": {
"method": "blacklist",
"engine_name": "Avira",
"engine_version": "8.3.3.8",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Antiy-AVL": {
"method": "blacklist",
"engine_name": "Antiy-AVL",
"engine_version": "3.0.0.1",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan/Win32.AGeneric"
},
"Kingsoft": {
"method": "blacklist",
"engine_name": "Kingsoft",
"engine_version": "2013.8.14.323",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Microsoft": {
"method": "blacklist",
"engine_name": "Microsoft",
"engine_version": "1.1.17200.2",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan:Win32/Sehyioa.A!cl"
},
"Ad-Aware": {
"method": "blacklist",
"engine_name": "Ad-Aware",
"engine_version": "3.0.5.370",
"engine_update": "20200722",
"category": "malicious",
"result": "Gen:Variant.Fugrafa.10612"
},
"Lionic": {
"method": "blacklist",
"engine_name": "AegisLab",
"engine_version": "4.2",
"engine_update": "20200721",
"category": "malicious",
"result": "Trojan.Win32.Generic.4!c"
},
"ZoneAlarm": {
"method": "blacklist",
"engine_name": "ZoneAlarm",
"engine_version": "1.0",
"engine_update": "20200722",
"category": "malicious",
"result": "HEUR:Trojan.Win32.Generic"
},
"Avast-Mobile": {
"method": "blacklist",
"engine_name": "Avast-Mobile",
"engine_version": "200721-00",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"Cynet": {
"method": "blacklist",
"engine_name": "Cynet",
"engine_version": "4.0.0.24",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"AhnLab-V3": {
"method": "blacklist",
"engine_name": "AhnLab-V3",
"engine_version": "3.18.1.10026",
"engine_update": "20200721",
"category": "malicious",
"result": "Trojan/Win32.Rifdoor.R205228"
},
"Acronis": {
"method": "blacklist",
"engine_name": "Acronis",
"engine_version": "1.1.1.76",
"engine_update": "20200603",
"category": "undetected",
"result": null
},
"BitDefenderTheta": {
"method": "blacklist",
"engine_name": "BitDefenderTheta",
"engine_version": "7.2.37796.0",
"engine_update": "20200714",
"category": "malicious",
"result": "Gen:NN.ZexaF.34136.fuW@ai2i6Kki"
},
"MAX": {
"method": "blacklist",
"engine_name": "MAX",
"engine_version": "2019.9.16.1",
"engine_update": "20200722",
"category": "malicious",
"result": "malware (ai score=100)"
},
"VBA32": {
"method": "blacklist",
"engine_name": "VBA32",
"engine_version": "4.4.1",
"engine_update": "20200721",
"category": "malicious",
"result": "BScope.Trojan.Tiggre"
},
"Malwarebytes": {
"method": "blacklist",
"engine_name": "Malwarebytes",
"engine_version": "3.6.4.335",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Zoner": {
"method": "blacklist",
"engine_name": "Zoner",
"engine_version": "0.0.0.0",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"ESET-NOD32": {
"method": "blacklist",
"engine_name": "ESET-NOD32",
"engine_version": "21694",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"TrendMicro-HouseCall": {
"method": "blacklist",
"engine_name": "TrendMicro-HouseCall",
"engine_version": "10.0.0.1040",
"engine_update": "20200722",
"category": "malicious",
"result": "TROJ_KRYPTIK.XXUGI"
},
"Rising": {
"method": "blacklist",
"engine_name": "Rising",
"engine_version": "25.0.0.26",
"engine_update": "20200722",
"category": "malicious",
"result": "Trojan.Generic!8.C3 (CLOUD)"
},
"Yandex": {
"method": "blacklist",
"engine_name": "Yandex",
"engine_version": "5.5.2.24",
"engine_update": "20200707",
"category": "undetected",
"result": null
},
"Ikarus": {
"method": "blacklist",
"engine_name": "Ikarus",
"engine_version": "0.1.5.2",
"engine_update": "20200721",
"category": "undetected",
"result": null
},
"eGambit": {
"method": "blacklist",
"engine_name": "eGambit",
"engine_version": null,
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"Fortinet": {
"method": "blacklist",
"engine_name": "Fortinet",
"engine_version": "6.2.142.0",
"engine_update": "20200722",
"category": "malicious",
"result": "W32/Generic!tr"
},
"MaxSecure": {
"method": "blacklist",
"engine_name": "MaxSecure",
"engine_version": "1.0.0.1",
"engine_update": "20200622",
"category": "undetected",
"result": null
},
"AVG": {
"method": "blacklist",
"engine_name": "AVG",
"engine_version": "18.4.3895.0",
"engine_update": "20200722",
"category": "malicious",
"result": "FileRepMalware"
},
"Panda": {
"method": "blacklist",
"engine_name": "Panda",
"engine_version": "4.6.4.2",
"engine_update": "20200721",
"category": "malicious",
"result": "Trj/GdSda.A"
},
"CrowdStrike": {
"method": "blacklist",
"engine_name": "CrowdStrike",
"engine_version": "1.0",
"engine_update": "20190702",
"category": "undetected",
"result": null
},
"Qihoo-360": {
"method": "blacklist",
"engine_name": "Qihoo-360",
"engine_version": "1.0.0.1120",
"engine_update": "20200722",
"category": "undetected",
"result": null
},
"McAfee-GW-Edition": {
"method": "blacklist",
"engine_name": "McAfee-GW-Edition",
"engine_version": null,
"engine_update": "20200721",
"category": "failure",
"result": null
},
"Trustlook": {
"method": "blacklist",
"engine_name": "Trustlook",
"engine_version": "1.0",
"engine_update": "20200722",
"category": "type-unsupported",
"result": null
},
"SymantecMobileInsight": {
"method": "blacklist",
"engine_name": "SymantecMobileInsight",
"engine_version": "2.0",
"engine_update": "20200701",
"category": "type-unsupported",
"result": null
}
},
"type_extension": "exe",
"total_votes": {
"harmless": 0,
"malicious": 0
},
"meaningful_name": "log.php",
"size": 90112,
"reputation": 0
}
}
}