├── libs ├── __init__.py ├── skeleton.py ├── threatexpert.py ├── threatcrowdinfo.py ├── otx.py ├── vt.py └── nsrl.py ├── notes └── Notes.pdf ├── autorequirements.txt ├── requirements.txt ├── LICENSE ├── sampleconfig.conf ├── sampledata ├── smallerlist.txt ├── largerlist.txt ├── smallerlist.csv └── largerlist.csv ├── Contributing.md ├── .gitignore ├── fileintel.py └── README.md /libs/__init__.py: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /notes/Notes.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/keithjjones/fileintel/HEAD/notes/Notes.pdf -------------------------------------------------------------------------------- /autorequirements.txt: -------------------------------------------------------------------------------- 1 | requests==2.11.1 2 | threatcrowd==0.4 3 | virustotal_api==1.1.2 4 | beautifulsoup4==4.5.1 5 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | requests[security] 2 | git+https://github.com/AlienVault-Labs/OTX-Python-SDK.git 3 | -r autorequirements.txt 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Creative Commons BY-SA 2 | 3 | https://creativecommons.org/licenses/by-sa/4.0/ 4 | https://creativecommons.org/licenses/by-sa/4.0/legalcode 5 | -------------------------------------------------------------------------------- /sampleconfig.conf: -------------------------------------------------------------------------------- 1 | [VirusTotal] 2 | PublicAPI: YOURAPIKEY 3 | 4 | [PassiveTotal] 5 | Username: YOURUSERNAME 6 | PublicAPI: YOURAPIKEY 7 | 8 | [Shodan] 9 | PublicAPI: YOURAPIKEY 10 | 11 | 
[Censys] 12 | Secret: YOURSECRET 13 | PublicAPI: YOURAPIKEY 14 | 15 | [OTX] 16 | PublicAPI: YOURAPIKEY 17 | 18 | [NSRL] 19 | Path: YOURPATHHERE 20 | 21 | [7Zip] 22 | Path: YOURPATHHERE -------------------------------------------------------------------------------- /sampledata/smallerlist.txt: -------------------------------------------------------------------------------- 1 | 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f 2 | 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a 3 | 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953b 4 | 92945627f32dfde376ffb7091b5faad2 5 | 92945627f32dfde376ffb7091b5faad1 6 | CEEF161D68AE2B690FA9616361271578 7 | D41D8CD98F00B204E9800998ECF8427E 8 | B284A42B124849E71DBEF653D30229F1 9 | 0322A0BA58B95DB9A2227F12D193FDDEA74CFF89 10 | E02CE6D73156A11BA84A798B26DE1D12 11 | B4ED7AEDACD28CBBDE6978FB09C22C75 12 | C6336EA255EFA7371337C0882D175BEE44CBBD49 13 | -------------------------------------------------------------------------------- /libs/skeleton.py: -------------------------------------------------------------------------------- 1 | # 2 | # Skeleton Intelligence Source Module 3 | # 4 | 5 | # 6 | # INCLUDES 7 | # 8 | 9 | # 10 | # CLASSES 11 | # 12 | 13 | 14 | class Skeleton(object): 15 | """ 16 | Class to hold Skeleton items. 17 | """ 18 | def __init__(self): 19 | pass 20 | 21 | def add_headers(self, inputheaders): 22 | """ 23 | Adds appropriate headers to input list. 24 | """ 25 | pass 26 | 27 | def add_row(self, filehash, inputrow): 28 | """ 29 | Adds the pulled data to the input row. 30 | """ 31 | pass 32 | -------------------------------------------------------------------------------- /Contributing.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Fork, edit, and send me a merge request to the "devel" branch. 4 | 5 | Modules are stored in the "libs" directory. 
Each module for a new intelligence source 6 | requires two functions: 7 | 8 | ``` 9 | add_headers(self,inputheaders) 10 | ``` 11 | 12 | and 13 | 14 | ``` 15 | add_rows(self,filehash,inputrow) 16 | ``` 17 | 18 | The first function will add the headers associated with the particular 19 | module to the list of overall headers output by fileintel given by 20 | "inputheaders". The second function will perform the lookup and add 21 | the data to the row "inputrow". "inputrow" is then output by the main 22 | script in CSV format. See the existing modules for examples. 23 | 24 | An example skeleton module has been added to the "libs" directory for you. 25 | 26 | After adding your module, you can add the functionality to the overall "fileintel.py" 27 | script with the appropriate logic for your intelligence resource. 28 | -------------------------------------------------------------------------------- /libs/threatexpert.py: -------------------------------------------------------------------------------- 1 | # 2 | # INCLUDES 3 | # 4 | import bs4 5 | import requests 6 | 7 | # 8 | # CLASSES 9 | # 10 | 11 | 12 | class ThreatExpert(object): 13 | """ 14 | Class to hold ThreatExpert items. 15 | """ 16 | def __init__(self): 17 | self.baseurl = "http://www.threatexpert.com/reports.aspx?find=" 18 | 19 | def add_headers(self, inputheaders): 20 | """ 21 | Adds appropriate headers to input list. 22 | """ 23 | inputheaders.append("ThreatExpert URL") 24 | inputheaders.append("ThreatExpert Findings") 25 | 26 | def add_row(self, filehash, inputrow): 27 | """ 28 | Adds the pulled data to the input row. 
29 | """ 30 | threatexperturl = self.baseurl+filehash 31 | threatexpertfindings = "" 32 | 33 | src = requests.get(threatexperturl) 34 | soup = bs4.BeautifulSoup(src.text, 'html.parser') 35 | 36 | TextResults = soup.find("span", id="txtResults") 37 | 38 | if ('no ThreatExpert reports found' in 39 | TextResults.text): 40 | threatexperturl = "N/A" 41 | else: 42 | rows = soup.find("span", id="txtResults").find_all("tr") 43 | 44 | for row in rows: 45 | finding = row.find_all("td")[3].text 46 | if ("(not available)" not in finding and 47 | "Findings" not in finding): 48 | threatexpertfindings += finding + "\n" 49 | 50 | threatexpertfindings = threatexpertfindings.rstrip("\n") 51 | 52 | inputrow.append(threatexperturl) 53 | inputrow.append(threatexpertfindings) 54 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Emacs Temp Files 2 | *~ 3 | *# 4 | 5 | # Mac Files 6 | .DS_Store 7 | 8 | # Local Directory 9 | local/ 10 | 11 | # Don't save VIM files 12 | *.swp 13 | 14 | # Byte-compiled / optimized / DLL files 15 | __pycache__/ 16 | *.py[cod] 17 | *$py.class 18 | 19 | # C extensions 20 | *.so 21 | 22 | # Distribution / packaging 23 | .Python 24 | env/ 25 | build/ 26 | develop-eggs/ 27 | dist/ 28 | downloads/ 29 | eggs/ 30 | .eggs/ 31 | lib/ 32 | lib64/ 33 | parts/ 34 | sdist/ 35 | var/ 36 | *.egg-info/ 37 | .installed.cfg 38 | *.egg 39 | 40 | # PyInstaller 41 | # Usually these files are written by a python script from a template 42 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 
43 | *.manifest 44 | *.spec 45 | 46 | # Installer logs 47 | pip-log.txt 48 | pip-delete-this-directory.txt 49 | 50 | # Unit test / coverage reports 51 | htmlcov/ 52 | .tox/ 53 | .coverage 54 | .coverage.* 55 | .cache 56 | nosetests.xml 57 | coverage.xml 58 | *,cover 59 | .hypothesis/ 60 | 61 | # Translations 62 | *.mo 63 | *.pot 64 | 65 | # Django stuff: 66 | *.log 67 | local_settings.py 68 | 69 | # Flask stuff: 70 | instance/ 71 | .webassets-cache 72 | 73 | # Scrapy stuff: 74 | .scrapy 75 | 76 | # Sphinx documentation 77 | docs/_build/ 78 | 79 | # PyBuilder 80 | target/ 81 | 82 | # IPython Notebook 83 | .ipynb_checkpoints 84 | 85 | # pyenv 86 | .python-version 87 | 88 | # celery beat schedule file 89 | celerybeat-schedule 90 | 91 | # dotenv 92 | .env 93 | 94 | # virtualenv 95 | venv/ 96 | ENV/ 97 | 98 | # Spyder project settings 99 | .spyderproject 100 | 101 | # Rope project settings 102 | .ropeproject 103 | -------------------------------------------------------------------------------- /sampledata/largerlist.txt: -------------------------------------------------------------------------------- 1 | 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f 2 | 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a 3 | 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953b 4 | CEEF161D68AE2B690FA9616361271578 5 | D41D8CD98F00B204E9800998ECF8427E 6 | B284A42B124849E71DBEF653D30229F1 7 | 0322A0BA58B95DB9A2227F12D193FDDEA74CFF89 8 | E02CE6D73156A11BA84A798B26DE1D12 9 | B4ED7AEDACD28CBBDE6978FB09C22C75 10 | C6336EA255EFA7371337C0882D175BEE44CBBD49 11 | c43e6425e2485a47018ade6022e43272 12 | 437808cd8621cc6900f0ca0379037072 13 | d41d8cd98f00b204e9800998ecf8427e 14 | 09086237c41485f6fe4005c4b5bc6384 15 | 722af0dfe55abbf6474af48662fb91d8 16 | 72b7c72c78082adcf63472f3d7c10717 17 | 4d63d089958764e3ae4f4807d744a8c3 18 | 8f5c93009247a2fff6fb374d92493569 19 | 9fe3f38ef5e6707a6562fa58dca0c18d 20 | 5896e004f2217216b697d9482804bd9d 21 | 
fd97c23426e0acbb816b519cfc532fbc 22 | 68c548d736cbd92384eeadb8697e8725 23 | 882fe1c294ebb3abb7f52d9d75ee773b 24 | 10b2d46ea7ef795e244bb86a400d3b71 25 | a19acdb6c53fa07697ff294954111ddd 26 | 29e2241a3e4660c38a2698cb71c161b2 27 | c464eaa03d156fc77ef53db778709ddd 28 | 7841aa4d680e37d4916d5f3e46cb672c 29 | 39413fb629abfe361fbf2194a3340139 30 | 281d4e2c202b1fd9b0a915d7a0ed34ca 31 | 4bf9a23f3a47741cdd62d0c8b43fb7f9 32 | d7cb50f117b5501f853eb3e6785572b3 33 | 60b3382e470cc887c938aec11a6d4e3c 34 | f2ff1136dc5e73b0d30c7422aa52f628 35 | 351ce7b80f53432e34c15a9dee807db3 36 | a1adc5f314857bb6f77508883fd0ecf1 37 | 2d098ef53d9f2457d209c1dccb5bf643 38 | 2a0a5fa600ed3a60d4115d20f130916e 39 | 998a12eaee95e4faa40b6e7f9eab66b4 40 | 17daf4d21f85b2ea158859bdfa5e5d18 41 | ddfeee36220f23c8125cc0072cad72fd 42 | 59404212d43216aec14d5dc55944f94c 43 | cd320ad7714a625fc0dde4d343815f70 44 | eef23a706e34fdaa9f6edec02b61b053 45 | 53f6c4c36c2d8ef612bdebbd11a6e1be 46 | 851109b3556f682902aacdfb02e63478 47 | 168b9b13e89f51905c7ae4a128c4c2b8 48 | b521e723edfeea36d191ec8934e1dfc2 49 | a37283b22822f62f2c5e2df912465411 50 | e8e38677cfac45c8004e0b1098f512ba 51 | -------------------------------------------------------------------------------- /libs/threatcrowdinfo.py: -------------------------------------------------------------------------------- 1 | # 2 | # INCLUDES 3 | # 4 | import threatcrowd 5 | 6 | # Need sleep function 7 | import time 8 | 9 | # 10 | # CLASSES 11 | # 12 | 13 | class ThreatCrowd(object): 14 | """ 15 | Class to hold ThreatCrowd items. 16 | """ 17 | def __init__(self): 18 | pass 19 | 20 | """ 21 | Adds appropriate headers to input list. 
22 | """ 23 | def add_headers(self,inputheaders): 24 | inputheaders.append('ThreatCrowd URL') 25 | inputheaders.append('ThreatCrowd SHA-1') 26 | inputheaders.append('ThreatCrowd MD5') 27 | inputheaders.append('ThreatCrowd IPs') 28 | inputheaders.append('ThreatCrowd References') 29 | inputheaders.append('ThreatCrowd Domains') 30 | inputheaders.append('ThreatCrowd Scans') 31 | 32 | """ 33 | Adds the pulled data to the input row. 34 | """ 35 | def add_row(self,filehash,inputrow): 36 | time.sleep(10) # Time speficied in API documents to be nice. 37 | 38 | IsValid = False 39 | 40 | # TC sometimes has a bad SSL handshake, this should fix it 41 | while IsValid == False: 42 | try: 43 | tcdata = threatcrowd.file_report(filehash) 44 | IsValid = True 45 | except: 46 | IsValid = False 47 | time.sleep(10) 48 | 49 | tcurl = tcdata.get('permalink','NA') 50 | tcsha1 = tcdata.get('sha1','') 51 | tcmd5 = tcdata.get('md5','') 52 | tcips = '; '.join(tcdata.get('ips',[])) 53 | tcreferences = '; '.join(tcdata.get('references',[])) 54 | tcdomains = '; '.join(tcdata.get('domains',[])) 55 | tcscans = '; '.join(tcdata.get('scans',[])) 56 | 57 | inputrow.append(tcurl) 58 | inputrow.append(tcsha1) 59 | inputrow.append(tcmd5) 60 | inputrow.append(tcips) 61 | inputrow.append(tcreferences) 62 | inputrow.append(tcdomains) 63 | inputrow.append(tcscans) 64 | -------------------------------------------------------------------------------- /libs/otx.py: -------------------------------------------------------------------------------- 1 | # 2 | # INCLUDES 3 | # 4 | import OTXv2 5 | 6 | # STDERR 7 | import sys 8 | 9 | # 10 | # CLASSES 11 | # 12 | 13 | class OTX(object): 14 | """ 15 | Class to hold OTX items. 16 | """ 17 | def __init__(self,PublicAPI): 18 | self.PublicAPI = PublicAPI 19 | self.otx = OTXv2.OTXv2(PublicAPI) 20 | self.fileurl = 'https://otx.alienvault.com/api/v1/indicators/file/{}/{}' 21 | 22 | """ 23 | Adds appropriate headers to input list. 
24 | """ 25 | def add_headers(self,inputheaders): 26 | inputheaders.append('OTX URL') 27 | inputheaders.append('OTX Pulses') 28 | inputheaders.append('OTX References') 29 | inputheaders.append('OTX Malware') 30 | inputheaders.append('OTX Analysis SHA 1') 31 | inputheaders.append('OTX Analysis SHA 256') 32 | inputheaders.append('OTX Analysis MD5') 33 | inputheaders.append('OTX Analysis SSDeep') 34 | inputheaders.append('OTX Analysis File Size') 35 | inputheaders.append('OTX Analysis File Class') 36 | inputheaders.append('OTX Analysis File Type') 37 | 38 | """ 39 | Adds the pulled data to the input row. 40 | """ 41 | def add_row(self,filehash,inputrow): 42 | try: 43 | otxgendata = self.otx.get(self.fileurl.format(filehash,'general')) 44 | otxanalysisdata = self.otx.get(self.fileurl.format(filehash,'analysis')) 45 | otxurl = 'https://otx.alienvault.com/indicator/file/{}'.format(filehash) 46 | except OTXv2.InvalidAPIKey: 47 | sys.stderr.write("ERROR: OTX API key invalid!\n") 48 | raise 49 | except OTXv2.BadRequest: 50 | otxgendata = {} 51 | otxanalysisdata = {} 52 | otxurl = "Invalid file hash" 53 | 54 | otxgenpulses = otxgendata.get('pulse_info',{}).get('count','') 55 | otxgenrefs = '\n'.join(otxgendata.get('pulse_info',{}).get('references',[])) 56 | 57 | otxanalysismalware = otxanalysisdata.get('malware','') 58 | 59 | otxanalysis = otxanalysisdata.get('analysis',{}) 60 | 61 | if otxanalysis == None: 62 | otxanalysis = {} 63 | 64 | otxanalysisinfo = otxanalysis.get('info',{}).get('results',{}) 65 | otxanalysissha1 = otxanalysisinfo.get('sha1','') 66 | otxanalysissha256 = otxanalysisinfo.get('sha256','') 67 | otxanalysismd5 = otxanalysisinfo.get('md5','') 68 | otxanalysisssdeep = otxanalysisinfo.get('ssdeep','') 69 | otxanalysisfilesize = otxanalysisinfo.get('filesize','') 70 | otxanalysisfileclass = otxanalysisinfo.get('file_class','') 71 | otxanalysisfiletype = otxanalysisinfo.get('file_type','') 72 | 73 | inputrow.append(otxurl) 74 | inputrow.append(otxgenpulses) 75 
| inputrow.append(otxgenrefs) 76 | inputrow.append(otxanalysismalware) 77 | inputrow.append(otxanalysissha1) 78 | inputrow.append(otxanalysissha256) 79 | inputrow.append(otxanalysismd5) 80 | inputrow.append(otxanalysisssdeep) 81 | inputrow.append(otxanalysisfilesize) 82 | inputrow.append(otxanalysisfileclass) 83 | inputrow.append(otxanalysisfiletype) 84 | -------------------------------------------------------------------------------- /libs/vt.py: -------------------------------------------------------------------------------- 1 | # 2 | # INCLUDES 3 | # 4 | 5 | # Required for VirusTotal API 6 | from virus_total_apis import PublicApi as VirusTotalPublicApi 7 | # Required for sleep function 8 | import time 9 | 10 | # 11 | # CLASSES 12 | # 13 | 14 | 15 | class VT(object): 16 | """ 17 | Class to hold VirusTotal items. 18 | """ 19 | 20 | # 21 | # FUNCTIONS 22 | # 23 | """ 24 | Sets up a VirusTotal object with the public api. 25 | """ 26 | def __init__(self, vtpublicapi): 27 | self.vtpublicapi = vtpublicapi 28 | self.vt = VirusTotalPublicApi(self.vtpublicapi) 29 | 30 | def add_headers(self, inputheaders): 31 | """ 32 | Adds appropriate headers to input list. 33 | """ 34 | inputheaders.append('VirusTotal Link') 35 | inputheaders.append('VirusTotal Scan Date') 36 | inputheaders.append('VirusTotal SHA256') 37 | inputheaders.append('VirusTotal SHA1') 38 | inputheaders.append('VirusTotal MD5') 39 | inputheaders.append('VirusTotal Verbose Msg') 40 | inputheaders.append('VirusTotal Positivie Scans') 41 | inputheaders.append('VirusTotal Total Scans') 42 | inputheaders.append('VirusTotal Conviction Percentage') 43 | inputheaders.append('VirusTotal Scan Results') 44 | 45 | def add_row(self, filehash, inputrow): 46 | """ 47 | Adds the pulled data to the input row. 
48 | """ 49 | vtresponse = self.vt.get_file_report(filehash) 50 | 51 | while "response_code" not in vtresponse or \ 52 | (vtresponse["response_code"] != 200 and 53 | vtresponse["response_code"] != 403): 54 | time.sleep(60) # Sleep for the API throttling 55 | vtresponse = self.vt.get_file_report(filehash) 56 | 57 | if "results" not in vtresponse: 58 | vturl = 'INVALID API KEY' 59 | 60 | vtresults = vtresponse.get('results', {}) 61 | 62 | vtsha1 = vtresults.get('sha1', '') 63 | vtscandate = vtresults.get('scan_date', '') 64 | vturl = vtresults.get('permalink', '') 65 | vtmsg = vtresults.get('verbose_msg', '') 66 | vtsha256 = vtresults.get('sha256', '') 67 | vtpositives = str(vtresults.get('positives', 0)) 68 | vttotal = str(vtresults.get('total', 0)) 69 | vtmd5 = vtresults.get('md5', '') 70 | 71 | vtscansdict = vtresults.get('scans', {}) 72 | vtscans = '\n'.join(["{} Detected: {} Result: " 73 | "{} Version: {} Update: {}" 74 | .format(s, vtscansdict[s].get('detected', ''), 75 | vtscansdict[s].get('result', ''), 76 | vtscansdict[s].get('Version', ''), 77 | vtscansdict[s].get('update', '')) 78 | for s in vtscansdict]) 79 | 80 | if (float(vttotal) > 0): 81 | vtconvictionpercentage = str(float(vtpositives)/float(vttotal) * 82 | 100) 83 | else: 84 | vtconvictionpercentage = 'NaN' 85 | 86 | inputrow.append(vturl) 87 | inputrow.append(vtscandate) 88 | inputrow.append(vtsha256) 89 | inputrow.append(vtsha1) 90 | inputrow.append(vtmd5) 91 | inputrow.append(vtmsg) 92 | inputrow.append(vtpositives) 93 | inputrow.append(vttotal) 94 | inputrow.append(vtconvictionpercentage) 95 | inputrow.append(vtscans) 96 | -------------------------------------------------------------------------------- /libs/nsrl.py: -------------------------------------------------------------------------------- 1 | # 2 | # Note this module is different than others to help speed up processing. 
3 | # It is a "Pre Processing" module 4 | # 5 | 6 | # 7 | # INCLUDES 8 | # 9 | import zipfile 10 | import csv 11 | import sys 12 | import subprocess 13 | 14 | # 15 | # CLASSES 16 | # 17 | 18 | 19 | class NSRL(object): 20 | """ 21 | Class to hold NSRL items. 22 | """ 23 | def __init__(self, NSRLPath): 24 | self.NSRLPath = NSRLPath 25 | 26 | def add_headers(self, inputheaders): 27 | """ 28 | Adds appropriate headers to input list. 29 | """ 30 | inputheaders.append('NSRL SHA-1 or MD5 Match') 31 | 32 | def add_row(self, NSRLHashes, filehash, inputrow): 33 | """ 34 | Adds the pulled data to the input row. 35 | """ 36 | NSRLMatch = False 37 | if filehash.upper() in [n.upper() for n in NSRLHashes]: 38 | NSRLMatch = True 39 | 40 | inputrow.append(NSRLMatch) 41 | 42 | def lookup(self, filehashes, SevenZipPath=None): 43 | """ 44 | Lookup the list of file hashes and returns a list of the 45 | hashes that exist in the NSRL. 46 | 47 | Inspired by: https://blog.didierstevens.com/2015/09/01/nsrl-py-using- 48 | the-reference-data-set-of-the-national-software- 49 | reference-library/ 50 | 51 | """ 52 | upperhashes = [f.upper() for f in filehashes] 53 | outputhashes = [] 54 | 55 | if SevenZipPath is None: 56 | try: 57 | ZipFile = zipfile.ZipFile(self.NSRLPath) 58 | except: 59 | sys.stderr.write("ERROR: Problem with the NSRL file! " + 60 | "Check the conf file? 
" + 61 | "Check if the file is corrupt?\n") 62 | exit(1) 63 | 64 | fIn = ZipFile.open('NSRLFile.txt', 'r') 65 | csvIn = csv.reader(fIn, delimiter=',', skipinitialspace=True) 66 | 67 | outputhashes = self.searchhashes(csvIn, upperhashes) 68 | 69 | fIn.close() 70 | else: 71 | process = subprocess.Popen([SevenZipPath, "e", "-so", 72 | self.NSRLPath, "NSRLFile.txt"], 73 | stdout=subprocess.PIPE) 74 | stdout, stderr = process.communicate() 75 | csvIn = csv.reader(stdout.splitlines(), 76 | delimiter=',', 77 | skipinitialspace=True) 78 | 79 | outputhashes = self.searchhashes(csvIn, upperhashes) 80 | 81 | # sys.stderr.write("ERROR: Cannot open NSRL with 7-Zip!") 82 | # exit(1) 83 | 84 | return outputhashes 85 | 86 | def searchhashes(self, csvreader, upperhashes): 87 | """ 88 | Seaches csvreader for upperhashes, if found, returns 89 | hashmatches 90 | 91 | :param csvreader: A csv.reader object 92 | :param upperhashes: A list of hashes that are ALREADY upper case 93 | for matching on csvreader 94 | :return: 95 | """ 96 | hashmatches = [] 97 | for row in csvreader: 98 | if row[0].upper() in upperhashes: 99 | hashmatches.append(row[0]) 100 | elif row[1].upper() in upperhashes: 101 | hashmatches.append(row[1]) 102 | return hashmatches 103 | -------------------------------------------------------------------------------- /fileintel.py: -------------------------------------------------------------------------------- 1 | # MAIN APPLICATION 2 | 3 | # 4 | # INCLUDES 5 | # 6 | 7 | # Required for complex command line argument parsing. 
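import argparse
# Required for configuration files
from configparser import ConfigParser
# Required for CSV
import csv
# Required for STDOUT
import sys
# Required for paths
import os

# MODULES: Add additional intelligence source modules here

# Local VirusTotal functions
import libs.vt
# Local NSRL functions
import libs.nsrl
# Local ThreatCrowd functions
import libs.threatcrowdinfo
# Local OTX functions
import libs.otx
# Local ThreatExpert functions
import libs.threatexpert


#
# Detect type of hash
#
def typeofhash(filehhash):
    """
    Determines the type of the hash by its length.

    Only the length is inspected. The characters are not checked to be
    hexadecimal, so the result is a label for the output row and not a
    validation of the input line.

    :param filehhash: The hash as a string
    :return: The hash type as either MD5, SHA-1, SHA-256,
             SHA-512 or Unknown
    """
    # Use the argument itself. The similarly spelled name "filehash" is a
    # module-level loop variable in this script, so reading it here would
    # tie the result to global state (or raise NameError when the function
    # is called before the main loop runs).
    typesbylength = {
        32: 'MD5',
        40: 'SHA-1',
        64: 'SHA-256',
        128: 'SHA-512',
    }
    return typesbylength.get(len(filehhash), 'Unknown')

#
# COMMAND LINE ARGS
#

# Setup command line argument parsing.
parser = argparse.ArgumentParser(
    description='Modular application to look up '
                'file intelligence information. '
                'Outputs CSV to STDOUT.')
# Positional arguments: the configuration file and the list of hashes.
parser.add_argument('ConfigurationFile', help='Configuration file')
parser.add_argument('InputFile',
                    help='Input file, one hash per line (MD5, SHA1, SHA256)')
# One switch per intelligence source; -a turns all of them on.
parser.add_argument('-a', '--all', action='store_true',
                    help='Perform All Lookups.')
parser.add_argument('-v', '--virustotal', action='store_true',
                    help='VirusTotal Lookup.')
parser.add_argument('-n', '--nsrl', action='store_true',
                    help='NSRL Lookup for SHA-1 and MD5 hashes ONLY!')
parser.add_argument('-o', '--otx', action='store_true',
                    help='OTX by AlienVault Lookup.')
parser.add_argument('-t', '--threatcrowd', action='store_true',
                    help='ThreatCrowd Lookup for SHA-1 and MD5 hashes ONLY!')
parser.add_argument('-e', '--threatexpert', action='store_true',
                    help='ThreatExpert Lookup for MD5 hashes ONLY!')
# Output formatting switch for the CSV writer.
parser.add_argument('-r', '--carriagereturn', action='store_true',
                    help='Use carriage returns with new lines on csv.')

#
# MAIN PROGRAM
#

# Parse command line arguments.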
93 | args = parser.parse_args() 94 | 95 | # Parse Configuration File 96 | ConfigFile = ConfigParser() 97 | ConfigFile.read(args.ConfigurationFile) 98 | 99 | # Setup the headers list 100 | Headers = [] 101 | 102 | # Setup the data list 103 | Data = [] 104 | 105 | # MODULES: Setup additional intelligence source modules here 106 | 107 | # Pull the VirusTotal config 108 | vtpublicapi = ConfigFile.get('VirusTotal', 'PublicAPI') 109 | 110 | # Pull the NSRL config 111 | nsrlpath = ConfigFile.get('NSRL', 'Path') 112 | 113 | # Pull the OTX config 114 | otxpublicapi = ConfigFile.get('OTX', 'PublicAPI') 115 | 116 | # Pull the 7Zip executable name 117 | try: 118 | SevenZipPath = ConfigFile.get('7Zip', 'Path') 119 | if os.path.exists(SevenZipPath): 120 | sys.stderr.write("INFO: Using 7Zip from: " + 121 | SevenZipPath + "\n") 122 | else: 123 | sys.stderr.write("INFO: 7Zip not configured correctly, " + 124 | "defaulting to much slower " + 125 | "internal Zip library!\n") 126 | SevenZipPath = None 127 | except: 128 | sys.stderr.write("INFO: 7Zip not configured correctly, " + 129 | "defaulting to much slower " + 130 | "internal Zip library!\n") 131 | SevenZipPath = None 132 | 133 | # Open file and read into list named hosts 134 | try: 135 | with open(args.InputFile) as infile: 136 | filehashes = infile.read().splitlines() 137 | except: 138 | sys.stderr.write("ERROR: Cannot open InputFile!\n") 139 | exit(1) 140 | 141 | # Setup CSV to STDOUT 142 | if args.carriagereturn: 143 | output = csv.writer(sys.stdout, lineterminator='\r\n') 144 | else: 145 | output = csv.writer(sys.stdout, lineterminator='\n') 146 | 147 | # Add standard header info 148 | Headers.append('Input File') 149 | Headers.append('Hash Type?') 150 | 151 | # Print Header Flag 152 | PrintHeaders = True 153 | 154 | # Pre Processing Here 155 | 156 | # Pre process NSRL results because it is faster this way 157 | NSRLHashes = [] 158 | if args.nsrl or args.all: 159 | sys.stderr.write('Preprocessing NSRL database.... 
please hold...\n') 160 | NSRL = libs.nsrl.NSRL(nsrlpath) 161 | NSRLHashes = NSRL.lookup(filehashes, SevenZipPath) 162 | 163 | # Abort Flag 164 | Aborted = False 165 | 166 | # Iterate through all of the input hosts 167 | for filehash in filehashes: 168 | try: 169 | # Output status 170 | sys.stderr.write('*** Processing {} ***\n'.format(filehash)) 171 | 172 | # Clear the row 173 | row = [] 174 | 175 | # Add the host to the output 176 | row.append(filehash.upper()) 177 | 178 | # Detect the type of hash and add it 179 | row.append(typeofhash(filehash)) 180 | 181 | # Lookup NSRL - This is slightly different than most 182 | # modules because of required pre processing. 183 | # No need to use this as an example unless you 184 | # preprocess other data. 185 | if args.nsrl or args.all: 186 | NSRL = libs.nsrl.NSRL(nsrlpath) 187 | if PrintHeaders: 188 | NSRL.add_headers(Headers) 189 | NSRL.add_row(NSRLHashes, filehash, row) 190 | 191 | # Lookup VirusTotal 192 | if args.virustotal or args.all: 193 | VT = libs.vt.VT(vtpublicapi) 194 | if PrintHeaders: 195 | VT.add_headers(Headers) 196 | VT.add_row(filehash, row) 197 | 198 | # Lookup ThreatCrowd 199 | if args.threatcrowd or args.all: 200 | TC = libs.threatcrowdinfo.ThreatCrowd() 201 | if PrintHeaders: 202 | TC.add_headers(Headers) 203 | TC.add_row(filehash, row) 204 | 205 | # Lookup OTX 206 | if args.otx or args.all: 207 | OTX = libs.otx.OTX(otxpublicapi) 208 | if PrintHeaders: 209 | OTX.add_headers(Headers) 210 | OTX.add_row(filehash, row) 211 | 212 | # Lookup ThreatExpert 213 | if args.threatexpert or args.all: 214 | ThreatExert = libs.threatexpert.ThreatExpert() 215 | if PrintHeaders: 216 | ThreatExert.add_headers(Headers) 217 | ThreatExert.add_row(filehash, row) 218 | 219 | # MODULES: Add additional intelligence source modules here 220 | 221 | # Add the row to the output data set 222 | Data.append(row) 223 | 224 | # Print out the headers 225 | if PrintHeaders: 226 | output.writerow(Headers) 227 | 228 | # Print out the data 
229 | try: 230 | output.writerow([unicode(field).encode('utf-8') for field in row]) 231 | except: 232 | output.writerow([str(field) for field in row]) 233 | 234 | # This turns off headers for remaining rows 235 | PrintHeaders = False 236 | except: 237 | # There was an error... 238 | sys.stderr.write('ERROR: An exception was raised! ' + 239 | 'Raising original exception for debugging.\n') 240 | raise 241 | 242 | # Exit without error 243 | exit(0) 244 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # fileintel 2 | 3 | This is a tool used to collect various intelligence sources for a given file. 4 | Fileintel is written in a modular fashion so new intelligence sources can be 5 | easily added. 6 | 7 | Files are identified by file hash (MD5, SHA1, SHA256). The output is in CSV 8 | format and sent to STDOUT so the data can be saved or piped into another 9 | program. Since the output is in CSV format, spreadsheets such as Excel or 10 | database systems will easily be able to import the data. 11 | 12 | This works with Python v2, but it should also work with Python v3. If you 13 | find it does not work with Python v3 please post an issue. 14 | 15 | This code has been tested on Windows 7 and Mac OSX El Capitan. If you try this 16 | on any other type of machine please let me know! 17 | 18 | An introduction video for fileintel: https://youtu.be/MgJoy2fD0ZY 19 | 20 | Background from my first tool hostintel: https://github.com/keithjjones/hostintel 21 | 22 | ## Help Screen: 23 | 24 | 25 | ``` 26 | $ python fileintel.py -h 27 | usage: fileintel.py [-h] [-a] [-v] [-n] [-o] [-t] [-r] 28 | ConfigurationFile InputFile 29 | 30 | Modular application to look up file intelligence information. Outputs CSV to 31 | STDOUT. 
32 | 33 | positional arguments: 34 | ConfigurationFile Configuration file 35 | InputFile Input file, one hash per line (MD5, SHA1, SHA256) 36 | 37 | optional arguments: 38 | -h, --help show this help message and exit 39 | -a, --all Perform All Lookups. 40 | -v, --virustotal VirusTotal Lookup. 41 | -n, --nsrl NSRL Lookup for SHA-1 and MD5 hashes ONLY! 42 | -o, --otx OTX by AlienVault Lookup. 43 | -t, --threatcrowd ThreatCrowd Lookup for SHA-1 and MD5 hashes ONLY! 44 | -r, --carriagereturn Use carriage returns with new lines on csv. 45 | ``` 46 | 47 | # Install: 48 | 49 | First, make sure your configuration file is correct for your 50 | computer/installation. Add your API keys and usernames as appropriate 51 | in the configuration file. Python and Pip are required to run this 52 | tool. There are modules that must be installed from GitHub, so be 53 | sure the git command is available from your command line. Git is easy 54 | to install for any platform. Next, install the python requirements 55 | (run this each time you git pull this repository too): 56 | 57 | ``` 58 | $ pip install -r requirements.txt 59 | ``` 60 | 61 | There have been some problems with the stock version of Python on Mac 62 | OSX 63 | (http://stackoverflow.com/questions/31649390/python-requests-ssl-handshake-failure). 64 | You may have to install the security portion of the requests library 65 | with the following command: 66 | 67 | ``` 68 | $ pip install requests[security] 69 | ``` 70 | 71 | ## NSRL 72 | 73 | If you are using the NSRL database lookups, download the NSRL "Minimal" data 74 | set as a zip file. Put it in a directory you can access and point your 75 | configuration file to that zip file. There is no need to unzip the NSRL data. 76 | 77 | ## 7Zip 78 | 79 | If you want to use 7Zip (fast) rather than the internal Python zip library 80 | (slow) to read the large NSRL zip file, you will need to install 7Zip. 
 81 | Windows installation of 7Zip is quite simple, but Mac OS X or Linux users will need 82 | to install p7zip, the command line tool. For Mac OS X, you can install this 83 | tool with Brew. Once you install 7Zip you will need to point your 84 | configuration file to wherever the 7z executable lies. 85 | 86 | ## Virtualenv 87 | 88 | Lastly, I am a fan of virtualenv for Python. To make a customized local 89 | installation of Python to run this tool, I recommend you read: 90 | http://docs.python-guide.org/en/latest/dev/virtualenvs/ 91 | 92 | # Running: 93 | 94 | ``` 95 | $ python fileintel.py myconfigfile.conf myhashes.txt -a > myoutput.csv 96 | ``` 97 | You should be able to import myoutput.csv into any database or spreadsheet program. 98 | 99 | **Note that depending on your network, your API key limits, and the 100 | data you are searching for, this script can run for a very long time! 101 | Use each module sparingly! In return for the long wait, you save 102 | yourself from having to pull this data manually.** 103 | 104 | ## Sample Data: 105 | 106 | There is some sample data in the "sampledata" directory. The hashes 107 | were picked at random and are by no means meant to target any 108 | organization or individual. Running this tool on the sample data 109 | works in the following way: 110 | 111 | ### Smaller List: 112 | 113 | ``` 114 | $ python fileintel.py local/config.conf sampledata/smallerlist.txt -a > sampledata/smallerlist.csv 115 | INFO: Using 7Zip from: /usr/local/bin/7z 116 | Preprocessing NSRL database.... please hold... 
117 | *** Processing 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f *** 118 | *** Processing 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a *** 119 | *** Processing 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953b *** 120 | *** Processing 92945627f32dfde376ffb7091b5faad2 *** 121 | *** Processing 92945627f32dfde376ffb7091b5faad1 *** 122 | *** Processing CEEF161D68AE2B690FA9616361271578 *** 123 | *** Processing D41D8CD98F00B204E9800998ECF8427E *** 124 | *** Processing B284A42B124849E71DBEF653D30229F1 *** 125 | *** Processing 0322A0BA58B95DB9A2227F12D193FDDEA74CFF89 *** 126 | *** Processing E02CE6D73156A11BA84A798B26DE1D12 *** 127 | *** Processing B4ED7AEDACD28CBBDE6978FB09C22C75 *** 128 | *** Processing C6336EA255EFA7371337C0882D175BEE44CBBD49 *** 129 | 130 | ``` 131 | 132 | ### Larger List: 133 | 134 | ``` 135 | $ python fileintel.py local/config.conf sampledata/largerlist.txt -a > sampledata/largerlist.csv 136 | INFO: Using 7Zip from: /usr/local/bin/7z 137 | Preprocessing NSRL database.... please hold... 138 | *** Processing 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f *** 139 | *** Processing 001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a *** 140 | *** Processing CEEF161D68AE2B690FA9616361271578 *** 141 | *** Processing D41D8CD98F00B204E9800998ECF8427E *** 142 | *** Processing B284A42B124849E71DBEF653D30229F1 *** 143 | *** Processing 0322A0BA58B95DB9A2227F12D193FDDEA74CFF89 *** 144 | *** Processing E02CE6D73156A11BA84A798B26DE1D12 *** 145 | *** Processing B4ED7AEDACD28CBBDE6978FB09C22C75 *** 146 | *** Processing C6336EA255EFA7371337C0882D175BEE44CBBD49 *** 147 | ... 
148 | *** Processing 09a64957060121a765185392fe2ec742 *** 149 | *** Processing e0ab52a76073bff4a27bdf327230103d *** 150 | *** Processing 02a5bd561c140236a3380785a3544b71 *** 151 | *** Processing 152c3bb23cc9cb0b0112051b94f69d47 *** 152 | *** Processing 2c9a5e7ce87259ec89e182416ac3a4f8 *** 153 | *** Processing c777b094a3469610d81c139c952e380e *** 154 | *** Processing aa58d9126ed96fa61f53e4f6c0bcd6b4 *** 155 | *** Processing a68e53c42e2d0968e2fbcd168323725f *** 156 | *** Processing a1651db6630f90b11576389aa714ad41 *** 157 | 158 | ``` 159 | 160 | # Intelligence Sources: 161 | 162 | - VirusTotal (Public API key and network I/O required, throttled when appropriate) 163 | - http://www.virustotal.com 164 | - NSRL Database 165 | - http://www.nsrl.nist.gov/Downloads.htm 166 | - ThreatCrowd (Network I/O required, throttled when appropriate) 167 | - http://www.threatcrowd.org 168 | - OTX by AlienVault (API key and network I/O required) 169 | - https://otx.alienvault.com 170 | - ThreatExpert (Network I/O required) 171 | - http://www.threatexpert.com/ 172 | 173 | # Resources: 174 | 175 | - The VirusTotal Python library 176 | - https://github.com/blacktop/virustotal-api 177 | - The NSRL database 178 | - https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference-library-nsrl/nsrl-download 179 | - https://www.nist.gov/itl/ssd/software-quality-group/national-software-reference-library-nsrl/nsrl-download/current-rds 180 | - https://blog.didierstevens.com/2015/09/01/nsrl-py-using-the-reference-data-set-of-the-national-software-reference-library/ 181 | - The ThreatCrowd Python library 182 | - https://github.com/threatcrowd/ApiV2 183 | - https://github.com/jheise/threatcrowd_api 184 | - The OTX Python Library 185 | - https://github.com/AlienVault-Labs/OTX-Python-SDK 186 | - https://otx.alienvault.com/api/ 187 | - ThreatExpert 188 | - Scrapes using BeautifulSoup 189 | - https://www.crummy.com/software/BeautifulSoup/bs4/doc 190 | - Web requests using requests library 
191 | - http://docs.python-requests.org/en/master/ 192 | - http://www.threatexpert.com/ 193 | 194 | # License: 195 | 196 | This application is covered by the Creative Commons BY-SA license. 197 | 198 | - https://creativecommons.org/licenses/by-sa/4.0/ 199 | - https://creativecommons.org/licenses/by-sa/4.0/legalcode 200 | 201 | # Contributing: 202 | 203 | Read [Contributing.md](Contributing.md) 204 | 205 | # To Do: 206 | 207 | - Try to incorporate threat feeds from http://www.secrepo.com 208 | - Add malware sandbox intelligence 209 | - Add smart lookup based upon hash type 210 | - Better hash detection (for example, 0-9, A-F characters only) 211 | - Look at https://github.com/Yelp/threat_intel 212 | -------------------------------------------------------------------------------- /sampledata/smallerlist.csv: -------------------------------------------------------------------------------- 1 | Input File,Hash Type?,VirusTotal Link,VirusTotal Scan Date,VirusTotal SHA256,VirusTotal SHA1,VirusTotal MD5,VirusTotal Verbose Msg,VirusTotal Positivie Scans,VirusTotal Total Scans,VirusTotal Conviction Percentage,VirusTotal Scan Results,ThreatCrowd URL,ThreatCrowd SHA-1,ThreatCrowd MD5,ThreatCrowd IPs,ThreatCrowd References,ThreatCrowd Domains,ThreatCrowd Scans,OTX URL,OTX Pulses,OTX References,OTX Malware,OTX Analysis SHA 1,OTX Analysis SHA 256,OTX Analysis MD5,OTX Analysis SSDeep,OTX Analysis File Size,OTX Analysis File Class,OTX Analysis File Type,NSRL SHA-1 or MD5 Match,ThreatExpert URL,ThreatExpert Findings 2 | 275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F,SHA-256,https://www.virustotal.com/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f/analysis/1474158352/,2016-09-18 00:25:52,275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f,3395856ce81f2b7382dee72602f798b642f14140,44d88612fea8a8f36de82e1278abb02f,"Scan finished, information embedded",53,55,96.3636363636,"Bkav Detected: True Result: DOS.EiracA.Trojan Version: Update: 
20160917 3 | MicroWorld-eScan Detected: True Result: EICAR-Test-File Version: Update: 20160918 4 | nProtect Detected: True Result: EICAR-Test-File Version: Update: 20160917 5 | CMC Detected: True Result: Eicar.test.file Version: Update: 20160916 6 | CAT-QuickHeal Detected: True Result: EICAR.TestFile Version: Update: 20160917 7 | McAfee Detected: True Result: EICAR test file Version: Update: 20160917 8 | Malwarebytes Detected: False Result: None Version: Update: 20160917 9 | Zillya Detected: True Result: EICAR.TestFile Version: Update: 20160915 10 | AegisLab Detected: True Result: EICAR-Test-File!c Version: Update: 20160917 11 | TheHacker Detected: True Result: EICAR_Test_File Version: Update: 20160916 12 | BitDefender Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160917 13 | K7GW Detected: True Result: EICAR_Test_File Version: Update: 20160917 14 | K7AntiVirus Detected: True Result: EICAR_Test_File Version: Update: 20160917 15 | Baidu Detected: True Result: Win32.Test.Eicar.a Version: Update: 20160914 16 | F-Prot Detected: True Result: EICAR_Test_File Version: Update: 20160917 17 | Symantec Detected: True Result: EICAR Test String Version: Update: 20160918 18 | ESET-NOD32 Detected: True Result: Eicar test file Version: Update: 20160917 19 | TrendMicro-HouseCall Detected: True Result: Eicar_test_file Version: Update: 20160918 20 | Avast Detected: True Result: EICAR Test-NOT virus!!! 
Version: Update: 20160918 21 | ClamAV Detected: True Result: Eicar-Test-Signature Version: Update: 20160916 22 | Kaspersky Detected: True Result: EICAR-Test-File Version: Update: 20160917 23 | Alibaba Detected: False Result: None Version: Update: 20160914 24 | NANO-Antivirus Detected: True Result: Marker.Dos.EICAR.dymlmx Version: Update: 20160918 25 | ViRobot Detected: True Result: EICAR-test[h] Version: Update: 20160917 26 | Rising Detected: True Result: EICAR-Test-File (classic) Version: Update: 20160918 27 | Ad-Aware Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160918 28 | Sophos Detected: True Result: EICAR-AV-Test Version: Update: 20160918 29 | Comodo Detected: True Result: EICAR-Test-File Version: Update: 20160916 30 | F-Secure Detected: True Result: EICAR_Test_File Version: Update: 20160917 31 | DrWeb Detected: True Result: EICAR Test File (NOT a Virus!) Version: Update: 20160917 32 | VIPRE Detected: True Result: EICAR (v) Version: Update: 20160918 33 | TrendMicro Detected: True Result: Eicar_test_file Version: Update: 20160918 34 | McAfee-GW-Edition Detected: True Result: EICAR test file Version: Update: 20160918 35 | Emsisoft Detected: True Result: EICAR-Test-File (not a virus) (B) Version: Update: 20160917 36 | Cyren Detected: True Result: EICAR_Test_File Version: Update: 20160917 37 | Jiangmin Detected: True Result: EICAR-Test-File Version: Update: 20160917 38 | Avira Detected: True Result: Eicar-Test-Signature Version: Update: 20160917 39 | Fortinet Detected: True Result: EICAR_TEST_FILE Version: Update: 20160917 40 | Antiy-AVL Detected: True Result: TestFile/Win32.EICAR Version: Update: 20160918 41 | Kingsoft Detected: True Result: Test.eicar.aa Version: Update: 20160918 42 | Arcabit Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160917 43 | SUPERAntiSpyware Detected: True Result: NotAThreat.EICAR[TestFile] Version: Update: 20160917 44 | Microsoft Detected: True Result: Virus:DOS/EICAR_Test_File 
Version: Update: 20160917 45 | AhnLab-V3 Detected: True Result: EICAR_Test_File Version: Update: 20160917 46 | ALYac Detected: True Result: Misc.Eicar-Test-File Version: Update: 20160918 47 | AVware Detected: True Result: EICAR (v) Version: Update: 20160917 48 | VBA32 Detected: True Result: EICAR-Test-File Version: Update: 20160917 49 | Zoner Detected: True Result: EICAR.Test.File-NoVirus Version: Update: 20160917 50 | Tencent Detected: True Result: EICAR.TEST.NOT-A-VIRUS Version: Update: 20160918 51 | Yandex Detected: True Result: EICAR_test_file Version: Update: 20160917 52 | Ikarus Detected: True Result: EICAR-Test-File Version: Update: 20160917 53 | GData Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160917 54 | AVG Detected: True Result: EICAR_Test Version: Update: 20160918 55 | Panda Detected: True Result: EICAR-AV-TEST-FILE Version: Update: 20160917 56 | Qihoo-360 Detected: True Result: qex.eicar.gen.gen Version: Update: 20160918",NA,,,,,,,https://otx.alienvault.com/indicator/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f,1,,None,3395856ce81f2b7382dee72602f798b642f14140,275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f,44d88612fea8a8f36de82e1278abb02f,,68,None,"ASCII text, with no line terminators",False,N/A, 57 | 001025C6D4974FB2CCBEA56F710282ACA6C1353CC7120D5D4A7853688084953A,SHA-256,https://www.virustotal.com/file/001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a/analysis/1472555297/,2016-08-30 11:08:17,001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a,84c17e0ce55db895c7f62c6838a061a9a77007d7,fadc983f4577da8a7caa35e5096ddf14,"Scan finished, information embedded",38,57,66.6666666667,"Bkav Detected: True Result: W32.HfsAdware.59EA Version: Update: 20160829 58 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160830 59 | nProtect Detected: False Result: None Version: Update: 20160830 60 | CMC Detected: False Result: None Version: Update: 20160830 61 
| CAT-QuickHeal Detected: False Result: None Version: Update: 20160830 62 | McAfee Detected: True Result: Artemis!FADC983F4577 Version: Update: 20160830 63 | Malwarebytes Detected: True Result: PUP.Optional.OptimizerPro Version: Update: 20160830 64 | VIPRE Detected: True Result: OptimizerPro (fs) (not malicious) Version: Update: 20160830 65 | TheHacker Detected: False Result: None Version: Update: 20160829 66 | BitDefender Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 67 | K7GW Detected: True Result: Adware ( 004c3e641 ) Version: Update: 20160830 68 | K7AntiVirus Detected: True Result: Adware ( 004c3e641 ) Version: Update: 20160830 69 | TrendMicro Detected: False Result: None Version: Update: 20160830 70 | Baidu Detected: False Result: None Version: Update: 20160830 71 | F-Prot Detected: True Result: W32/Trojan2.OVYQ Version: Update: 20160830 72 | Symantec Detected: True Result: SMG.Heur!gen Version: Update: 20160830 73 | TotalDefense Detected: False Result: None Version: Update: 20160830 74 | TrendMicro-HouseCall Detected: True Result: TROJ_GE.06094129 Version: Update: 20160830 75 | Avast Detected: True Result: Win32:PUP-gen [PUP] Version: Update: 20160830 76 | ClamAV Detected: False Result: None Version: Update: 20160830 77 | Kaspersky Detected: True Result: not-a-virus:HEUR:RiskTool.Win32.Generic Version: Update: 20160830 78 | Alibaba Detected: False Result: None Version: Update: 20160830 79 | NANO-Antivirus Detected: True Result: Riskware.Win32.Unwanted.eaeozl Version: Update: 20160830 80 | ViRobot Detected: False Result: None Version: Update: 20160830 81 | AegisLab Detected: False Result: None Version: Update: 20160830 82 | Rising Detected: True Result: Malware.Undefined!8.C-7p3fz8pKI3D (Cloud) Version: Update: 20160830 83 | Ad-Aware Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 84 | Sophos Detected: True Result: Generic PUA AB (PUA) Version: Update: 20160830 85 | Comodo Detected: False Result: None 
Version: Update: 20160830 86 | F-Secure Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 87 | DrWeb Detected: True Result: Trojan.Ptop.68 Version: Update: 20160830 88 | Zillya Detected: True Result: Adware.OptimizerProCRTD.Win32.318 Version: Update: 20160830 89 | Invincea Detected: True Result: virus.win32.sality.at Version: Update: 20160830 90 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Jeefo.rc Version: Update: 20160830 91 | Emsisoft Detected: True Result: Adware.GenericKD.3255527 (B) Version: Update: 20160830 92 | Cyren Detected: True Result: W32/Trojan.KBXY-4410 Version: Update: 20160830 93 | Jiangmin Detected: False Result: None Version: Update: 20160830 94 | Avira Detected: True Result: PUA/OptimizerPro.RE Version: Update: 20160830 95 | Fortinet Detected: True Result: Riskware/Generic Version: Update: 20160830 96 | Antiy-AVL Detected: True Result: Trojan[FakeAV]/Win32.Agent Version: Update: 20160830 97 | Kingsoft Detected: False Result: None Version: Update: 20160830 98 | Arcabit Detected: True Result: Adware.Generic.D31ACCA Version: Update: 20160830 99 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160830 100 | Microsoft Detected: False Result: None Version: Update: 20160830 101 | AhnLab-V3 Detected: True Result: PUP/Win32.OptimizerPro.R149627 Version: Update: 20160830 102 | VBA32 Detected: True Result: TrojanFakeAV.Agent Version: Update: 20160829 103 | AVware Detected: True Result: OptimizerPro (fs) Version: Update: 20160830 104 | Zoner Detected: False Result: None Version: Update: 20160830 105 | ESET-NOD32 Detected: True Result: a variant of Win32/Adware.SpeedingUpMyPC.AE Version: Update: 20160830 106 | Tencent Detected: False Result: None Version: Update: 20160830 107 | Yandex Detected: True Result: Riskware.SpeedingUpMyPC! 
Version: Update: 20160828 108 | Ikarus Detected: True Result: PUA.Generic Version: Update: 20160830 109 | GData Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 110 | AVG Detected: True Result: Generic7.BCS Version: Update: 20160830 111 | Panda Detected: True Result: Trj/CI.A Version: Update: 20160829 112 | CrowdStrike Detected: True Result: malicious_confidence_99% (D) Version: Update: 20160725 113 | Qihoo-360 Detected: True Result: Win32/Virus.IM.2bf Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a,0,,None,84c17e0ce55db895c7f62c6838a061a9a77007d7,001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a,fadc983f4577da8a7caa35e5096ddf14,98304:7woRIqXAfJt102DXdmdA+1xgoGKPhNHiEhDCn0U8xF7Eek:BRJXAT102DXdmdA+1xgoGKiUCh0Pk,4418392,PEXE,"PE32 executable (GUI) Intel 80386, for MS Windows",False,N/A, 114 | 001025C6D4974FB2CCBEA56F710282ACA6C1353CC7120D5D4A7853688084953B,SHA-256,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953b,0,,None,,,,,,,,False,N/A, 115 | 92945627F32DFDE376FFB7091B5FAAD2,MD5,https://www.virustotal.com/file/68c99920c454660ff25ed40feffbf44c82197c15e5e59d44b67f61bc4b39fe56/analysis/1474126391/,2016-09-17 15:33:11,68c99920c454660ff25ed40feffbf44c82197c15e5e59d44b67f61bc4b39fe56,6f97644364c2cc5a7552b2517bdba68bf663ec27,92945627f32dfde376ffb7091b5faad2,"Scan finished, information embedded",47,57,82.4561403509,"Bkav Detected: True Result: W32.RansomwareTQB.Trojan Version: Update: 20160917 116 | MicroWorld-eScan Detected: True Result: Gen:Variant.Zusy.146473 Version: Update: 20160917 117 | nProtect Detected: True Result: Trojan/W32.Agent.196709 Version: Update: 20160917 118 | CMC Detected: False Result: None Version: Update: 20160916 119 | CAT-QuickHeal Detected: True Result: 
Trojan.ServStart.A Version: Update: 20160917 120 | ALYac Detected: True Result: Gen:Variant.Zusy.146473 Version: Update: 20160917 121 | Malwarebytes Detected: True Result: Trojan.Agent.PDD Version: Update: 20160917 122 | Zillya Detected: True Result: Trojan.StartServ.Win32.135 Version: Update: 20160915 123 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Jaik Version: Update: 20160917 124 | K7AntiVirus Detected: True Result: Trojan ( 004ae7bf1 ) Version: Update: 20160917 125 | Alibaba Detected: False Result: None Version: Update: 20160914 126 | K7GW Detected: True Result: Trojan ( 004ae7bf1 ) Version: Update: 20160917 127 | TheHacker Detected: True Result: Trojan/ServStart.io Version: Update: 20160916 128 | Invincea Detected: True Result: generic.a Version: Update: 20160917 129 | Baidu Detected: True Result: Win32.Trojan.ServStart.aj Version: Update: 20160914 130 | Cyren Detected: True Result: W32/Heuristic-131!Eldorado Version: Update: 20160917 131 | Symantec Detected: True Result: SMG.Heur!gen Version: Update: 20160917 132 | ESET-NOD32 Detected: True Result: Win32/ServStart.IO Version: Update: 20160917 133 | TrendMicro-HouseCall Detected: True Result: TROJ_SERVSTART_EH06002B.UVPN Version: Update: 20160917 134 | Avast Detected: True Result: Win32:MrBlack-D [Trj] Version: Update: 20160917 135 | ClamAV Detected: False Result: None Version: Update: 20160916 136 | GData Detected: True Result: Gen:Variant.Zusy.146473 Version: Update: 20160917 137 | Kaspersky Detected: True Result: Trojan.Win32.StartServ.xer Version: Update: 20160917 138 | BitDefender Detected: True Result: Gen:Variant.Zusy.146473 Version: Update: 20160917 139 | NANO-Antivirus Detected: True Result: Trojan.Win32.Heuristic131.dcnfpc Version: Update: 20160917 140 | AegisLab Detected: False Result: None Version: Update: 20160917 141 | Tencent Detected: False Result: None Version: Update: 20160917 142 | Ad-Aware Detected: True Result: Gen:Variant.Zusy.146473 Version: Update: 20160917 143 | Sophos 
Detected: False Result: None Version: Update: 20160917 144 | Comodo Detected: False Result: None Version: Update: 20160916 145 | F-Secure Detected: True Result: Gen:Variant.Zusy.146473 Version: Update: 20160917 146 | DrWeb Detected: True Result: Trojan.Mrblack.3 Version: Update: 20160917 147 | VIPRE Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160917 148 | TrendMicro Detected: True Result: TROJ_SERVSTART_EH06002B.UVPN Version: Update: 20160917 149 | McAfee-GW-Edition Detected: True Result: GenericRXAE-XG!92945627F32D Version: Update: 20160917 150 | Emsisoft Detected: True Result: Gen:Variant.Zusy.146473 (B) Version: Update: 20160917 151 | F-Prot Detected: True Result: W32/Heuristic-131!Eldorado Version: Update: 20160917 152 | Jiangmin Detected: True Result: Trojan/Generic.bamdh Version: Update: 20160917 153 | Avira Detected: True Result: BDS/Backdoor.Gen2 Version: Update: 20160917 154 | Antiy-AVL Detected: True Result: Trojan[:HEUR]/Win32.AGeneric Version: Update: 20160916 155 | Kingsoft Detected: False Result: None Version: Update: 20160917 156 | Arcabit Detected: True Result: Trojan.Zusy.D23C29 Version: Update: 20160917 157 | ViRobot Detected: False Result: None Version: Update: 20160917 158 | Microsoft Detected: True Result: Trojan:Win32/ServStart!rfn Version: Update: 20160917 159 | AhnLab-V3 Detected: True Result: Backdoor/Win32.Zegost.R117606 Version: Update: 20160917 160 | McAfee Detected: True Result: GenericRXAE-XG!92945627F32D Version: Update: 20160917 161 | AVware Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160917 162 | VBA32 Detected: True Result: Trojan.StartServ Version: Update: 20160917 163 | Zoner Detected: False Result: None Version: Update: 20160917 164 | Rising Detected: True Result: Malware.Heuristic!ET (rdm+) Version: Update: 20160917 165 | Yandex Detected: True Result: Backdoor.Agent!W+qsqWX+TeU Version: Update: 20160916 166 | Ikarus Detected: True Result: Trojan.Win32.ServStart Version: Update: 
20160917 167 | Fortinet Detected: True Result: W32/StartServ.VIK!tr Version: Update: 20160917 168 | AVG Detected: True Result: Generic36.WYR Version: Update: 20160917 169 | Panda Detected: True Result: Trj/Genetic.gen Version: Update: 20160917 170 | CrowdStrike Detected: True Result: malicious_confidence_100% (D) Version: Update: 20160725 171 | Qihoo-360 Detected: True Result: HEUR/QVM07.1.0000.Malware.Gen Version: Update: 20160917",NA,,,,,,,https://otx.alienvault.com/indicator/file/92945627f32dfde376ffb7091b5faad2,0,,None,,,,,,,,False,http://www.threatexpert.com/reports.aspx?find=92945627f32dfde376ffb7091b5faad2,Trojan:Win32/ServStart.gen!A 172 | 92945627F32DFDE376FFB7091B5FAAD1,MD5,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/92945627f32dfde376ffb7091b5faad1,0,,None,,,,,,,,False,N/A, 173 | CEEF161D68AE2B690FA9616361271578,MD5,https://www.virustotal.com/file/cebf5c1c762cff1c0442320b118ac83d76266b6358bc768205788bba31abdf24/analysis/1472635960/,2016-08-31 09:32:40,cebf5c1c762cff1c0442320b118ac83d76266b6358bc768205788bba31abdf24,536f9792b32a1eb2cc5ecd463d2fbed01d28175c,ceef161d68ae2b690fa9616361271578,"Scan finished, information embedded",47,58,81.0344827586,"Bkav Detected: False Result: None Version: Update: 20160831 174 | MicroWorld-eScan Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 175 | nProtect Detected: False Result: None Version: Update: 20160831 176 | CMC Detected: False Result: None Version: Update: 20160830 177 | CAT-QuickHeal Detected: True Result: Trojan.Bladabindi.B3 Version: Update: 20160831 178 | ALYac Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 179 | Malwarebytes Detected: True Result: Trojan.Agent.MSIL Version: Update: 20160831 180 | VIPRE Detected: True Result: Backdoor.MSIL.Bladabindi.a (v) Version: Update: 20160831 181 | TheHacker Detected: False Result: None Version: Update: 
20160829 182 | BitDefender Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 183 | K7GW Detected: True Result: Trojan ( 700000121 ) Version: Update: 20160831 184 | K7AntiVirus Detected: True Result: Trojan ( 700000121 ) Version: Update: 20160831 185 | Invincea Detected: True Result: backdoor.msil.bladabindi.aj Version: Update: 20160830 186 | Baidu Detected: True Result: MSIL.Backdoor.Bladabindi.a Version: Update: 20160831 187 | F-Prot Detected: True Result: W32/MSIL_Bladabindi.A2.gen!Eldorado Version: Update: 20160831 188 | Symantec Detected: True Result: Heur.AdvML.B Version: Update: 20160831 189 | TotalDefense Detected: True Result: Win32/DotNetDl.A!generic Version: Update: 20160831 190 | TrendMicro-HouseCall Detected: True Result: BKDR_BLADABI.SMC Version: Update: 20160831 191 | Avast Detected: True Result: MSIL:Agent-CTT [Trj] Version: Update: 20160831 192 | ClamAV Detected: True Result: Win.Trojan.B-468 Version: Update: 20160831 193 | Kaspersky Detected: True Result: HEUR:Trojan.Win32.Generic Version: Update: 20160831 194 | Alibaba Detected: False Result: None Version: Update: 20160831 195 | NANO-Antivirus Detected: True Result: Trojan.Win32.DownLoader10.ctopxm Version: Update: 20160831 196 | ViRobot Detected: False Result: None Version: Update: 20160831 197 | AegisLab Detected: True Result: Troj.W32.Gen.lZFZ Version: Update: 20160831 198 | Rising Detected: True Result: Backdoor.MSIL.Bladabindi!1.9E49 (classic) Version: Update: 20160831 199 | Ad-Aware Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 200 | Sophos Detected: True Result: Troj/MSIL-HX Version: Update: 20160831 201 | Comodo Detected: True Result: TrojWare.MSIL.Bladabindi.KX Version: Update: 20160831 202 | F-Secure Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 203 | DrWeb Detected: True Result: Trojan.DownLoader10.20236 Version: Update: 20160831 204 | Zillya Detected: True Result: 
Trojan.Bladabindi.Win32.15117 Version: Update: 20160831 205 | TrendMicro Detected: True Result: BKDR_BLADABI.SMC Version: Update: 20160831 206 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.BackdoorNJRat.mm Version: Update: 20160831 207 | Emsisoft Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 (B) Version: Update: 20160831 208 | Cyren Detected: True Result: W32/MSIL_Bladabindi.A2.gen!Eldorado Version: Update: 20160831 209 | Jiangmin Detected: False Result: None Version: Update: 20160831 210 | Avira Detected: True Result: TR/ATRAPS.Gen Version: Update: 20160831 211 | Fortinet Detected: True Result: MSIL/Agent.PPV!tr Version: Update: 20160831 212 | Antiy-AVL Detected: True Result: Trojan[:HEUR]/Win32.AGeneric Version: Update: 20160831 213 | Kingsoft Detected: False Result: None Version: Update: 20160831 214 | Arcabit Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 215 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Barys Version: Update: 20160831 216 | Microsoft Detected: True Result: Backdoor:MSIL/Bladabindi.AJ Version: Update: 20160831 217 | AhnLab-V3 Detected: True Result: Trojan/Win32.Generic.R108665 Version: Update: 20160831 218 | McAfee Detected: True Result: Trojan-FIGN Version: Update: 20160831 219 | AVware Detected: True Result: Backdoor.MSIL.Bladabindi.a (v) Version: Update: 20160831 220 | VBA32 Detected: False Result: None Version: Update: 20160831 221 | Zoner Detected: False Result: None Version: Update: 20160831 222 | ESET-NOD32 Detected: True Result: a variant of MSIL/Bladabindi.AS Version: Update: 20160831 223 | Tencent Detected: True Result: Win32.Trojan.Generic.Tdzr Version: Update: 20160831 224 | Yandex Detected: True Result: Trojan.RatJn.Gen.MG Version: Update: 20160830 225 | Ikarus Detected: True Result: Trojan.MSIL.Bladabindi Version: Update: 20160831 226 | GData Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 227 | AVG Detected: True Result: 
PSW.ILUSpy Version: Update: 20160831 228 | Panda Detected: True Result: Trj/GdSda.A Version: Update: 20160831 229 | CrowdStrike Detected: True Result: malicious_confidence_100% (W) Version: Update: 20160725 230 | Qihoo-360 Detected: False Result: None Version: Update: 20160831",https://www.threatcrowd.org/malware.php?md5=ceef161d68ae2b690fa9616361271578,536f9792b32a1eb2cc5ecd463d2fbed01d28175c,ceef161d68ae2b690fa9616361271578,194.58.74.79,,root123.ddns.net,,https://otx.alienvault.com/indicator/file/CEEF161D68AE2B690FA9616361271578,0,,None,536f9792b32a1eb2cc5ecd463d2fbed01d28175c,cebf5c1c762cff1c0442320b118ac83d76266b6358bc768205788bba31abdf24,ceef161d68ae2b690fa9616361271578,384:EqG9WgS1pKCIdJGG/EyZ+XLCPY1G2ZV/rljITFKiwyexivdK0LE2rWGMbiNrxw+s:Wdj/nZkCQYo/rpk8ge8lK0LtWDbuVJ,29184,PEXE,"PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows",False,http://www.threatexpert.com/reports.aspx?find=CEEF161D68AE2B690FA9616361271578,Trojan:MSIL/Bladabindi.B 231 | D41D8CD98F00B204E9800998ECF8427E,MD5,https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1474159744/,2016-09-18 00:49:04,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,da39a3ee5e6b4b0d3255bfef95601890afd80709,d41d8cd98f00b204e9800998ecf8427e,"Scan finished, information embedded",0,55,0.0,"Bkav Detected: False Result: None Version: Update: 20160917 232 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160918 233 | nProtect Detected: False Result: None Version: Update: 20160917 234 | CMC Detected: False Result: None Version: Update: 20160916 235 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160917 236 | McAfee Detected: False Result: None Version: Update: 20160917 237 | Malwarebytes Detected: False Result: None Version: Update: 20160917 238 | VIPRE Detected: False Result: None Version: Update: 20160918 239 | TheHacker Detected: False Result: None Version: Update: 20160916 240 | BitDefender Detected: 
False Result: None Version: Update: 20160918 241 | K7GW Detected: False Result: None Version: Update: 20160917 242 | K7AntiVirus Detected: False Result: None Version: Update: 20160917 243 | Baidu Detected: False Result: None Version: Update: 20160914 244 | F-Prot Detected: False Result: None Version: Update: 20160918 245 | Symantec Detected: False Result: None Version: Update: 20160918 246 | ESET-NOD32 Detected: False Result: None Version: Update: 20160917 247 | TrendMicro-HouseCall Detected: False Result: None Version: Update: 20160918 248 | Avast Detected: False Result: None Version: Update: 20160918 249 | ClamAV Detected: False Result: None Version: Update: 20160916 250 | Kaspersky Detected: False Result: None Version: Update: 20160917 251 | Alibaba Detected: False Result: None Version: Update: 20160914 252 | NANO-Antivirus Detected: False Result: None Version: Update: 20160918 253 | ViRobot Detected: False Result: None Version: Update: 20160917 254 | AegisLab Detected: False Result: None Version: Update: 20160917 255 | Rising Detected: False Result: None Version: Update: 20160918 256 | Ad-Aware Detected: False Result: None Version: Update: 20160918 257 | Sophos Detected: False Result: None Version: Update: 20160918 258 | Comodo Detected: False Result: None Version: Update: 20160916 259 | F-Secure Detected: False Result: None Version: Update: 20160918 260 | DrWeb Detected: False Result: None Version: Update: 20160918 261 | Zillya Detected: False Result: None Version: Update: 20160915 262 | TrendMicro Detected: False Result: None Version: Update: 20160918 263 | McAfee-GW-Edition Detected: False Result: None Version: Update: 20160918 264 | Emsisoft Detected: False Result: None Version: Update: 20160918 265 | Cyren Detected: False Result: None Version: Update: 20160918 266 | Jiangmin Detected: False Result: None Version: Update: 20160917 267 | Avira Detected: False Result: None Version: Update: 20160917 268 | Fortinet Detected: False Result: None Version: Update: 
20160918 269 | Antiy-AVL Detected: False Result: None Version: Update: 20160918 270 | Kingsoft Detected: False Result: None Version: Update: 20160918 271 | Arcabit Detected: False Result: None Version: Update: 20160917 272 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160917 273 | Microsoft Detected: False Result: None Version: Update: 20160917 274 | AhnLab-V3 Detected: False Result: None Version: Update: 20160917 275 | ALYac Detected: False Result: None Version: Update: 20160918 276 | AVware Detected: False Result: None Version: Update: 20160918 277 | VBA32 Detected: False Result: None Version: Update: 20160917 278 | Zoner Detected: False Result: None Version: Update: 20160917 279 | Tencent Detected: False Result: None Version: Update: 20160918 280 | Yandex Detected: False Result: None Version: Update: 20160917 281 | Ikarus Detected: False Result: None Version: Update: 20160917 282 | GData Detected: False Result: None Version: Update: 20160917 283 | AVG Detected: False Result: None Version: Update: 20160918 284 | Panda Detected: False Result: None Version: Update: 20160917 285 | Qihoo-360 Detected: False Result: None Version: Update: 20160918",https://www.threatcrowd.org/malware.php?md5=d41d8cd98f00b204e9800998ecf8427e,0117a6026e1a3fcff386558a2c7386deb4643662,d41d8cd98f00b204e9800998ecf8427e,,,intweb.mobwork.net,BackDoor.Comet.2020; Mal/MSIL-PX; Trojan.MSIL.Crypt; W32/Trojan.UEGX-7731; Backdoor*Win32/Fynloski; Trojan ( 004be5b21 ); MSIL/Packed.Confuser.P suspicious; Suspicious.0000000000480.mg; TR/Crypt.Xpack.440461; ,Invalid file hash,,,,,,,,,,,True,http://www.threatexpert.com/reports.aspx?find=D41D8CD98F00B204E9800998ECF8427E,"Mal/Behav-044, Trojan-Spy.Win32.Bancos 286 | W32.Ramnit!inf, Virus.Win32.Nimnul.a, W32/Ramnit.a, W32/Patched-I.. 287 | W32.Ramnit!inf, Virus.Win32.Nimnul.a, W32/Ramnit.a, W32/Patched-I.. 
288 | Backdoor:Win32/Zegost.Q, Backdoor.Win32.Inject 289 | [High Risk] 290 | Trojan:MSIL/Bladabindi.B 291 | Trojan-Dropper.Win32.Dorifel 292 | Win32.SuspectCrc, Backdoor.ProRAT.K 293 | Trojan:MSIL/Bladabindi.B, Win32.SuspectCrc 294 | W32.Kwbot.Worm, Trojan-Dropper.Win32.Loring, WORM_SDBOT.DMA.. 295 | Trojan:MSIL/Bladabindi.B 296 | 4" 297 | B284A42B124849E71DBEF653D30229F1,MD5,https://www.virustotal.com/file/da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa/analysis/1472590869/,2016-08-30 21:01:09,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,0322a0ba58b95db9a2227f12d193fddea74cff89,b284a42b124849e71dbef653d30229f1,"Scan finished, information embedded",31,56,55.3571428571,"Bkav Detected: False Result: None Version: Update: 20160830 298 | MicroWorld-eScan Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 299 | nProtect Detected: False Result: None Version: Update: 20160830 300 | CMC Detected: False Result: None Version: Update: 20160830 301 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160830 302 | McAfee Detected: True Result: Artemis!B284A42B1248 Version: Update: 20160830 303 | Malwarebytes Detected: False Result: None Version: Update: 20160830 304 | VIPRE Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 305 | TheHacker Detected: False Result: None Version: Update: 20160829 306 | BitDefender Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 307 | K7GW Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 308 | K7AntiVirus Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 309 | TrendMicro Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 310 | Baidu Detected: True Result: Win32.Backdoor.Yobdam.a Version: Update: 20160830 311 | F-Prot Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 312 | Symantec Detected: True Result: Heur.AdvML.B Version: Update: 20160830 313 | 
TotalDefense Detected: False Result: None Version: Update: 20160830 314 | TrendMicro-HouseCall Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 315 | Avast Detected: True Result: Win32:Malware-gen Version: Update: 20160830 316 | ClamAV Detected: False Result: None Version: Update: 20160830 317 | Kaspersky Detected: False Result: None Version: Update: 20160830 318 | Alibaba Detected: False Result: None Version: Update: 20160830 319 | NANO-Antivirus Detected: False Result: None Version: Update: 20160830 320 | ViRobot Detected: False Result: None Version: Update: 20160830 321 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160830 322 | Rising Detected: True Result: Malware.Generic!8PHSzFEMApC@5 (thunder) Version: Update: 20160830 323 | Ad-Aware Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 324 | Sophos Detected: True Result: Mal/Behav-009 Version: Update: 20160830 325 | Comodo Detected: False Result: None Version: Update: 20160830 326 | F-Secure Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 327 | DrWeb Detected: False Result: None Version: Update: 20160830 328 | Zillya Detected: False Result: None Version: Update: 20160830 329 | Invincea Detected: True Result: virus.win32.sality.h Version: Update: 20160830 330 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Downloader.cc Version: Update: 20160830 331 | Emsisoft Detected: True Result: Gen:Variant.Symmi.54995 (B) Version: Update: 20160830 332 | Cyren Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 333 | Jiangmin Detected: True Result: TrojanDownloader.Agent.fjny Version: Update: 20160830 334 | Avira Detected: True Result: TR/ATRAPS.Gen2 Version: Update: 20160830 335 | Fortinet Detected: False Result: None Version: Update: 20160830 336 | Antiy-AVL Detected: False Result: None Version: Update: 20160830 337 | Kingsoft Detected: False Result: None Version: Update: 20160830 338 | Arcabit 
Detected: True Result: Trojan.Symmi.DD6D3 Version: Update: 20160830 339 | AegisLab Detected: False Result: None Version: Update: 20160830 340 | Microsoft Detected: False Result: None Version: Update: 20160830 341 | AhnLab-V3 Detected: False Result: None Version: Update: 20160830 342 | VBA32 Detected: False Result: None Version: Update: 20160830 343 | AVware Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 344 | Zoner Detected: False Result: None Version: Update: 20160830 345 | ESET-NOD32 Detected: True Result: a variant of Win32/Delf.TJF Version: Update: 20160830 346 | Tencent Detected: True Result: Win32.Trojan.Atraps.Pefk Version: Update: 20160830 347 | Yandex Detected: False Result: None Version: Update: 20160830 348 | Ikarus Detected: True Result: Backdoor.Win32.Hupigon Version: Update: 20160830 349 | GData Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 350 | AVG Detected: True Result: Delf.AYAY Version: Update: 20160830 351 | Panda Detected: True Result: Trj/GdSda.A Version: Update: 20160830 352 | Qihoo-360 Detected: True Result: HEUR/QVM33.0.0000.Malware.Gen Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/B284A42B124849E71DBEF653D30229F1,0,,None,0322a0ba58b95db9a2227f12d193fddea74cff89,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,b284a42b124849e71dbef653d30229f1,24576:jkn0lw5QdZ35jueUc9zdvtRYl9v39gjg:jknWw5QdV5yeUcdvtRYl9v3Sjg,855552,PEXE,"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",False,http://www.threatexpert.com/reports.aspx?find=B284A42B124849E71DBEF653D30229F1,"Mal/Behav-009, Mal/Behav-009" 353 | 0322A0BA58B95DB9A2227F12D193FDDEA74CFF89,SHA-1,https://www.virustotal.com/file/da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa/analysis/1472590869/,2016-08-30 21:01:09,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,0322a0ba58b95db9a2227f12d193fddea74cff89,b284a42b124849e71dbef653d30229f1,"Scan finished, information 
embedded",31,56,55.3571428571,"Bkav Detected: False Result: None Version: Update: 20160830 354 | MicroWorld-eScan Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 355 | nProtect Detected: False Result: None Version: Update: 20160830 356 | CMC Detected: False Result: None Version: Update: 20160830 357 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160830 358 | McAfee Detected: True Result: Artemis!B284A42B1248 Version: Update: 20160830 359 | Malwarebytes Detected: False Result: None Version: Update: 20160830 360 | VIPRE Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 361 | TheHacker Detected: False Result: None Version: Update: 20160829 362 | BitDefender Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 363 | K7GW Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 364 | K7AntiVirus Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 365 | TrendMicro Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 366 | Baidu Detected: True Result: Win32.Backdoor.Yobdam.a Version: Update: 20160830 367 | F-Prot Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 368 | Symantec Detected: True Result: Heur.AdvML.B Version: Update: 20160830 369 | TotalDefense Detected: False Result: None Version: Update: 20160830 370 | TrendMicro-HouseCall Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 371 | Avast Detected: True Result: Win32:Malware-gen Version: Update: 20160830 372 | ClamAV Detected: False Result: None Version: Update: 20160830 373 | Kaspersky Detected: False Result: None Version: Update: 20160830 374 | Alibaba Detected: False Result: None Version: Update: 20160830 375 | NANO-Antivirus Detected: False Result: None Version: Update: 20160830 376 | ViRobot Detected: False Result: None Version: Update: 20160830 377 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160830 378 | Rising 
Detected: True Result: Malware.Generic!8PHSzFEMApC@5 (thunder) Version: Update: 20160830 379 | Ad-Aware Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 380 | Sophos Detected: True Result: Mal/Behav-009 Version: Update: 20160830 381 | Comodo Detected: False Result: None Version: Update: 20160830 382 | F-Secure Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 383 | DrWeb Detected: False Result: None Version: Update: 20160830 384 | Zillya Detected: False Result: None Version: Update: 20160830 385 | Invincea Detected: True Result: virus.win32.sality.h Version: Update: 20160830 386 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Downloader.cc Version: Update: 20160830 387 | Emsisoft Detected: True Result: Gen:Variant.Symmi.54995 (B) Version: Update: 20160830 388 | Cyren Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 389 | Jiangmin Detected: True Result: TrojanDownloader.Agent.fjny Version: Update: 20160830 390 | Avira Detected: True Result: TR/ATRAPS.Gen2 Version: Update: 20160830 391 | Fortinet Detected: False Result: None Version: Update: 20160830 392 | Antiy-AVL Detected: False Result: None Version: Update: 20160830 393 | Kingsoft Detected: False Result: None Version: Update: 20160830 394 | Arcabit Detected: True Result: Trojan.Symmi.DD6D3 Version: Update: 20160830 395 | AegisLab Detected: False Result: None Version: Update: 20160830 396 | Microsoft Detected: False Result: None Version: Update: 20160830 397 | AhnLab-V3 Detected: False Result: None Version: Update: 20160830 398 | VBA32 Detected: False Result: None Version: Update: 20160830 399 | AVware Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 400 | Zoner Detected: False Result: None Version: Update: 20160830 401 | ESET-NOD32 Detected: True Result: a variant of Win32/Delf.TJF Version: Update: 20160830 402 | Tencent Detected: True Result: Win32.Trojan.Atraps.Pefk Version: Update: 20160830 403 | Yandex 
Detected: False Result: None Version: Update: 20160830 404 | Ikarus Detected: True Result: Backdoor.Win32.Hupigon Version: Update: 20160830 405 | GData Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 406 | AVG Detected: True Result: Delf.AYAY Version: Update: 20160830 407 | Panda Detected: True Result: Trj/GdSda.A Version: Update: 20160830 408 | Qihoo-360 Detected: True Result: HEUR/QVM33.0.0000.Malware.Gen Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/0322A0BA58B95DB9A2227F12D193FDDEA74CFF89,0,,None,0322a0ba58b95db9a2227f12d193fddea74cff89,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,b284a42b124849e71dbef653d30229f1,24576:jkn0lw5QdZ35jueUc9zdvtRYl9v39gjg:jknWw5QdV5yeUcdvtRYl9v3Sjg,855552,PEXE,"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",False,N/A, 409 | E02CE6D73156A11BA84A798B26DE1D12,MD5,https://www.virustotal.com/file/26ee87d96144e5882302ae4f98ebd1c58f5f53223438e4a6498bf465848a8c0a/analysis/1470068910/,2016-08-01 16:28:30,26ee87d96144e5882302ae4f98ebd1c58f5f53223438e4a6498bf465848a8c0a,725e80cab7c88d7e960c478e1b975e003e0c0c66,e02ce6d73156a11ba84a798b26de1d12,"Scan finished, information embedded",54,55,98.1818181818,"Bkav Detected: True Result: W32.Sality.PE Version: Update: 20160801 410 | MicroWorld-eScan Detected: True Result: Win32.Sality.3 Version: Update: 20160801 411 | nProtect Detected: True Result: Virus/W32.Sality.D Version: Update: 20160729 412 | CMC Detected: True Result: Trojan.Win32.MicroFake!O Version: Update: 20160801 413 | CAT-QuickHeal Detected: True Result: W32.Sality.U Version: Update: 20160801 414 | McAfee Detected: True Result: W32/Sality.gen.z Version: Update: 20160801 415 | Malwarebytes Detected: True Result: Trojan.FakeLPK Version: Update: 20160801 416 | VIPRE Detected: True Result: Virus.Win32.Sality.at (v) Version: Update: 20160801 417 | TheHacker Detected: True Result: W32/Sality.gen Version: Update: 20160729 418 | BitDefender Detected: True 
Result: Win32.Sality.3 Version: Update: 20160801 419 | K7GW Detected: True Result: Trojan ( 0040f8ac1 ) Version: Update: 20160801 420 | K7AntiVirus Detected: True Result: Trojan ( 0040f8ac1 ) Version: Update: 20160801 421 | Baidu Detected: True Result: Win32.Virus.Sality.gen Version: Update: 20160801 422 | Cyren Detected: True Result: W32/Sality.gen2 Version: Update: 20160801 423 | Symantec Detected: True Result: W32.Sality.AE Version: Update: 20160801 424 | ESET-NOD32 Detected: True Result: Win32/Sality.NBA Version: Update: 20160801 425 | TrendMicro-HouseCall Detected: True Result: TROJ_VSTART.SMA Version: Update: 20160801 426 | Avast Detected: True Result: Win32:Malware-gen Version: Update: 20160801 427 | ClamAV Detected: True Result: Win.Trojan.Scar-545 Version: Update: 20160801 428 | Kaspersky Detected: True Result: Virus.Win32.Sality.gen Version: Update: 20160801 429 | Alibaba Detected: False Result: None Version: Update: 20160801 430 | NANO-Antivirus Detected: True Result: Virus.Win32.Sality.beygb Version: Update: 20160801 431 | ViRobot Detected: True Result: Win32.Sality.Gen.A[h] Version: Update: 20160801 432 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-DDOS Version: Update: 20160801 433 | Ad-Aware Detected: True Result: Win32.Sality.3 Version: Update: 20160801 434 | Sophos Detected: True Result: Mal/Nitol-C Version: Update: 20160801 435 | Comodo Detected: True Result: Virus.Win32.Sality.gen Version: Update: 20160801 436 | F-Secure Detected: True Result: Win32.Sality.3 Version: Update: 20160801 437 | DrWeb Detected: True Result: Win32.Sector.30 Version: Update: 20160801 438 | Zillya Detected: True Result: Virus.Sality.Win32.25 Version: Update: 20160731 439 | TrendMicro Detected: True Result: TROJ_VSTART.SMA Version: Update: 20160801 440 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Sdbot.cc Version: Update: 20160801 441 | Emsisoft Detected: True Result: Win32.Sality.3 (B) Version: Update: 20160801 442 | F-Prot Detected: True 
Result: W32/Sality.gen2 Version: Update: 20160801 443 | Jiangmin Detected: True Result: Win32/HLLP.Kuku.Gen Version: Update: 20160801 444 | Avira Detected: True Result: W32/Sality.AT Version: Update: 20160801 445 | Fortinet Detected: True Result: W32/Generic.AC.2D85!tr Version: Update: 20160801 446 | Antiy-AVL Detected: True Result: Virus/Win32.Dzan.a Version: Update: 20160801 447 | Kingsoft Detected: True Result: Win32.Sality.lx.368640 Version: Update: 20160801 448 | Arcabit Detected: True Result: Win32.Sality.3 Version: Update: 20160801 449 | AegisLab Detected: True Result: Troj.W32.Gen.lZLu Version: Update: 20160801 450 | AhnLab-V3 Detected: True Result: Win32/Kashu.E Version: Update: 20160801 451 | Microsoft Detected: True Result: DDoS:Win32/Nitol.B Version: Update: 20160801 452 | TotalDefense Detected: True Result: Win32/Sality.AA Version: Update: 20160801 453 | ALYac Detected: True Result: Win32.Sality.3 Version: Update: 20160801 454 | AVware Detected: True Result: Virus.Win32.Sality.at (v) Version: Update: 20160801 455 | VBA32 Detected: True Result: Virus.Win32.Sality.bakc Version: Update: 20160801 456 | Zoner Detected: True Result: TrojanDownloader.ServStart.AC Version: Update: 20160801 457 | Tencent Detected: True Result: Trojan.Win32.FakeLpk.bkd Version: Update: 20160801 458 | Yandex Detected: True Result: Win32.Sality.BL Version: Update: 20160731 459 | Ikarus Detected: True Result: Trojan.Win32.ServStart Version: Update: 20160801 460 | GData Detected: True Result: Win32.Sality.3 Version: Update: 20160801 461 | AVG Detected: True Result: BackDoor.Generic_r.ARQ Version: Update: 20160801 462 | Panda Detected: True Result: W32/Sality.AA Version: Update: 20160801 463 | Qihoo-360 Detected: True Result: Backdoor.Win32.Rbot.B Version: Update: 20160801",NA,,,,,,,https://otx.alienvault.com/indicator/file/E02CE6D73156A11BA84A798B26DE1D12,0,,None,,,,,,,,False,http://www.threatexpert.com/reports.aspx?find=E02CE6D73156A11BA84A798B26DE1D12,"W32.Sality.AE, 
Virus.Win32.Sality.gen, W32/Sality.gen.z, Mal/Sality-D.." 464 | B4ED7AEDACD28CBBDE6978FB09C22C75,MD5,https://www.virustotal.com/file/6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638/analysis/1472590951/,2016-08-30 21:02:31,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,c6336ea255efa7371337c0882d175bee44cbbd49,b4ed7aedacd28cbbde6978fb09c22c75,"Scan finished, information embedded",56,58,96.5517241379,"Bkav Detected: True Result: W32.BackdoorWabot.Trojan Version: Update: 20160830 465 | MicroWorld-eScan Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 466 | nProtect Detected: True Result: Backdoor/W32.Wabot.1667584 Version: Update: 20160830 467 | CMC Detected: True Result: Backdoor.Win32.Wabot!O Version: Update: 20160830 468 | CAT-QuickHeal Detected: True Result: Trojan.Wabot.A8 Version: Update: 20160830 469 | ALYac Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 470 | Malwarebytes Detected: True Result: Backdoor.Wabot Version: Update: 20160830 471 | VIPRE Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 472 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Wabot Version: Update: 20160830 473 | CrowdStrike Detected: True Result: malicious_confidence_100% (W) Version: Update: 20160725 474 | Alibaba Detected: False Result: None Version: Update: 20160830 475 | K7GW Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 476 | K7AntiVirus Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 477 | TheHacker Detected: True Result: Backdoor/Wabot.a Version: Update: 20160829 478 | Invincea Detected: True Result: backdoor.win32.wabot.a Version: Update: 20160830 479 | Baidu Detected: True Result: Win32.Backdoor.Wabot.a Version: Update: 20160830 480 | F-Prot Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 481 | Symantec Detected: True Result: W32.Wabot Version: Update: 20160830 482 | 
TotalDefense Detected: True Result: Win32/DCMgreen.A Version: Update: 20160830 483 | Zoner Detected: True Result: I-Worm.Delf.NRF Version: Update: 20160830 484 | TrendMicro-HouseCall Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 485 | Avast Detected: True Result: Win32:Wabot [Trj] Version: Update: 20160830 486 | ClamAV Detected: True Result: Win.Trojan.Wabot-1 Version: Update: 20160830 487 | Kaspersky Detected: True Result: Backdoor.Win32.Wabot.a Version: Update: 20160830 488 | BitDefender Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 489 | NANO-Antivirus Detected: True Result: Trojan.Win32.Wabot.dmukv Version: Update: 20160830 490 | ViRobot Detected: True Result: Backdoor.Win32.Wabot.157619[h] Version: Update: 20160830 491 | Tencent Detected: True Result: Trojan.Win32.Wabot.a Version: Update: 20160830 492 | Ad-Aware Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 493 | Sophos Detected: True Result: Troj/Luiha-M Version: Update: 20160830 494 | Comodo Detected: True Result: Backdoor.Win32.Wabot.A Version: Update: 20160830 495 | F-Secure Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 496 | DrWeb Detected: True Result: Trojan.MulDrop2.11051 Version: Update: 20160830 497 | Zillya Detected: True Result: Backdoor.Wabot.Win32.1 Version: Update: 20160830 498 | TrendMicro Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 499 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Wabot.tc Version: Update: 20160830 500 | Emsisoft Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli (B) Version: Update: 20160830 501 | Cyren Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 502 | Jiangmin Detected: True Result: Backdoor/Wabot.z Version: Update: 20160830 503 | Avira Detected: True Result: TR/Dldr.Delphi.Gen Version: Update: 20160830 504 | Antiy-AVL Detected: True Result: Trojan[Backdoor]/Win32.Wabot.a Version: 
Update: 20160830 505 | Kingsoft Detected: False Result: None Version: Update: 20160830 506 | Microsoft Detected: True Result: Backdoor:Win32/Wabot.A Version: Update: 20160830 507 | AegisLab Detected: True Result: Backdoor.W32.Wabot.tn6b Version: Update: 20160830 508 | GData Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 509 | AhnLab-V3 Detected: True Result: Worm/Win32.IRCBot.N2091513092 Version: Update: 20160830 510 | McAfee Detected: True Result: W32/Wabot Version: Update: 20160830 511 | AVware Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 512 | VBA32 Detected: True Result: Backdoor.Wabot Version: Update: 20160830 513 | Arcabit Detected: True Result: Trojan.ShellIni.ED32CE Version: Update: 20160830 514 | ESET-NOD32 Detected: True Result: Win32/Delf.NRF Version: Update: 20160830 515 | Rising Detected: True Result: Malware.Heuristic!ET (rdm+) Version: Update: 20160830 516 | Yandex Detected: True Result: Backdoor.Wabot!AWDH2njzaiI Version: Update: 20160830 517 | Ikarus Detected: True Result: P2P-Worm.Win32.Delf Version: Update: 20160830 518 | Fortinet Detected: True Result: W32/Generic.AC.234D!tr Version: Update: 20160830 519 | AVG Detected: True Result: BackDoor.Wabot.A Version: Update: 20160830 520 | Panda Detected: True Result: Backdoor Program Version: Update: 20160830 521 | Qihoo-360 Detected: True Result: Backdoor.Win32.Agent.DP Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/B4ED7AEDACD28CBBDE6978FB09C22C75,0,,None,c6336ea255efa7371337c0882d175bee44cbbd49,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,b4ed7aedacd28cbbde6978fb09c22c75,24576:51bR29qjMWFMeXgGOEF4Y9qxwW2dexOJ0LOG0MXO0+8vLisg9FMRSLFRM7UXF:5dAW6SpOEFwzOc5eZoL7xSh2QV,1667584,PEXE,"PE32 executable (GUI) Intel 80386, for MS Windows",False,http://www.threatexpert.com/reports.aspx?find=B4ED7AEDACD28CBBDE6978FB09C22C75,"Trojan.Gen, Backdoor.Win32.Wabot.a, W32/Wabot, Troj/Luiha-M.." 
522 | C6336EA255EFA7371337C0882D175BEE44CBBD49,SHA-1,https://www.virustotal.com/file/6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638/analysis/1472590951/,2016-08-30 21:02:31,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,c6336ea255efa7371337c0882d175bee44cbbd49,b4ed7aedacd28cbbde6978fb09c22c75,"Scan finished, information embedded",56,58,96.5517241379,"Bkav Detected: True Result: W32.BackdoorWabot.Trojan Version: Update: 20160830 523 | MicroWorld-eScan Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 524 | nProtect Detected: True Result: Backdoor/W32.Wabot.1667584 Version: Update: 20160830 525 | CMC Detected: True Result: Backdoor.Win32.Wabot!O Version: Update: 20160830 526 | CAT-QuickHeal Detected: True Result: Trojan.Wabot.A8 Version: Update: 20160830 527 | ALYac Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 528 | Malwarebytes Detected: True Result: Backdoor.Wabot Version: Update: 20160830 529 | VIPRE Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 530 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Wabot Version: Update: 20160830 531 | CrowdStrike Detected: True Result: malicious_confidence_100% (W) Version: Update: 20160725 532 | Alibaba Detected: False Result: None Version: Update: 20160830 533 | K7GW Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 534 | K7AntiVirus Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 535 | TheHacker Detected: True Result: Backdoor/Wabot.a Version: Update: 20160829 536 | Invincea Detected: True Result: backdoor.win32.wabot.a Version: Update: 20160830 537 | Baidu Detected: True Result: Win32.Backdoor.Wabot.a Version: Update: 20160830 538 | F-Prot Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 539 | Symantec Detected: True Result: W32.Wabot Version: Update: 20160830 540 | TotalDefense Detected: True Result: Win32/DCMgreen.A 
Version: Update: 20160830 541 | Zoner Detected: True Result: I-Worm.Delf.NRF Version: Update: 20160830 542 | TrendMicro-HouseCall Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 543 | Avast Detected: True Result: Win32:Wabot [Trj] Version: Update: 20160830 544 | ClamAV Detected: True Result: Win.Trojan.Wabot-1 Version: Update: 20160830 545 | Kaspersky Detected: True Result: Backdoor.Win32.Wabot.a Version: Update: 20160830 546 | BitDefender Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 547 | NANO-Antivirus Detected: True Result: Trojan.Win32.Wabot.dmukv Version: Update: 20160830 548 | ViRobot Detected: True Result: Backdoor.Win32.Wabot.157619[h] Version: Update: 20160830 549 | Tencent Detected: True Result: Trojan.Win32.Wabot.a Version: Update: 20160830 550 | Ad-Aware Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 551 | Sophos Detected: True Result: Troj/Luiha-M Version: Update: 20160830 552 | Comodo Detected: True Result: Backdoor.Win32.Wabot.A Version: Update: 20160830 553 | F-Secure Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 554 | DrWeb Detected: True Result: Trojan.MulDrop2.11051 Version: Update: 20160830 555 | Zillya Detected: True Result: Backdoor.Wabot.Win32.1 Version: Update: 20160830 556 | TrendMicro Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 557 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Wabot.tc Version: Update: 20160830 558 | Emsisoft Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli (B) Version: Update: 20160830 559 | Cyren Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 560 | Jiangmin Detected: True Result: Backdoor/Wabot.z Version: Update: 20160830 561 | Avira Detected: True Result: TR/Dldr.Delphi.Gen Version: Update: 20160830 562 | Antiy-AVL Detected: True Result: Trojan[Backdoor]/Win32.Wabot.a Version: Update: 20160830 563 | Kingsoft Detected: False 
Result: None Version: Update: 20160830 564 | Microsoft Detected: True Result: Backdoor:Win32/Wabot.A Version: Update: 20160830 565 | AegisLab Detected: True Result: Backdoor.W32.Wabot.tn6b Version: Update: 20160830 566 | GData Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 567 | AhnLab-V3 Detected: True Result: Worm/Win32.IRCBot.N2091513092 Version: Update: 20160830 568 | McAfee Detected: True Result: W32/Wabot Version: Update: 20160830 569 | AVware Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 570 | VBA32 Detected: True Result: Backdoor.Wabot Version: Update: 20160830 571 | Arcabit Detected: True Result: Trojan.ShellIni.ED32CE Version: Update: 20160830 572 | ESET-NOD32 Detected: True Result: Win32/Delf.NRF Version: Update: 20160830 573 | Rising Detected: True Result: Malware.Heuristic!ET (rdm+) Version: Update: 20160830 574 | Yandex Detected: True Result: Backdoor.Wabot!AWDH2njzaiI Version: Update: 20160830 575 | Ikarus Detected: True Result: P2P-Worm.Win32.Delf Version: Update: 20160830 576 | Fortinet Detected: True Result: W32/Generic.AC.234D!tr Version: Update: 20160830 577 | AVG Detected: True Result: BackDoor.Wabot.A Version: Update: 20160830 578 | Panda Detected: True Result: Backdoor Program Version: Update: 20160830 579 | Qihoo-360 Detected: True Result: Backdoor.Win32.Agent.DP Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/C6336EA255EFA7371337C0882D175BEE44CBBD49,0,,None,c6336ea255efa7371337c0882d175bee44cbbd49,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,b4ed7aedacd28cbbde6978fb09c22c75,24576:51bR29qjMWFMeXgGOEF4Y9qxwW2dexOJ0LOG0MXO0+8vLisg9FMRSLFRM7UXF:5dAW6SpOEFwzOc5eZoL7xSh2QV,1667584,PEXE,"PE32 executable (GUI) Intel 80386, for MS Windows",False,N/A, 580 | -------------------------------------------------------------------------------- /sampledata/largerlist.csv: 
-------------------------------------------------------------------------------- 1 | Input File,Hash Type?,NSRL SHA-1 or MD5 Match,VirusTotal Link,VirusTotal Scan Date,VirusTotal SHA256,VirusTotal SHA1,VirusTotal MD5,VirusTotal Verbose Msg,VirusTotal Positivie Scans,VirusTotal Total Scans,VirusTotal Conviction Percentage,VirusTotal Scan Results,ThreatCrowd URL,ThreatCrowd SHA-1,ThreatCrowd MD5,ThreatCrowd IPs,ThreatCrowd References,ThreatCrowd Domains,ThreatCrowd Scans,OTX URL,OTX Pulses,OTX References,OTX Malware,OTX Analysis SHA 1,OTX Analysis SHA 256,OTX Analysis MD5,OTX Analysis SSDeep,OTX Analysis File Size,OTX Analysis File Class,OTX Analysis File Type,ThreatExpert URL,ThreatExpert Findings 2 | 275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F,SHA-256,False,https://www.virustotal.com/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f/analysis/1474158352/,2016-09-18 00:25:52,275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f,3395856ce81f2b7382dee72602f798b642f14140,44d88612fea8a8f36de82e1278abb02f,"Scan finished, information embedded",53,55,96.3636363636,"Bkav Detected: True Result: DOS.EiracA.Trojan Version: Update: 20160917 3 | MicroWorld-eScan Detected: True Result: EICAR-Test-File Version: Update: 20160918 4 | nProtect Detected: True Result: EICAR-Test-File Version: Update: 20160917 5 | CMC Detected: True Result: Eicar.test.file Version: Update: 20160916 6 | CAT-QuickHeal Detected: True Result: EICAR.TestFile Version: Update: 20160917 7 | McAfee Detected: True Result: EICAR test file Version: Update: 20160917 8 | Malwarebytes Detected: False Result: None Version: Update: 20160917 9 | Zillya Detected: True Result: EICAR.TestFile Version: Update: 20160915 10 | AegisLab Detected: True Result: EICAR-Test-File!c Version: Update: 20160917 11 | TheHacker Detected: True Result: EICAR_Test_File Version: Update: 20160916 12 | BitDefender Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160917 13 
| K7GW Detected: True Result: EICAR_Test_File Version: Update: 20160917 14 | K7AntiVirus Detected: True Result: EICAR_Test_File Version: Update: 20160917 15 | Baidu Detected: True Result: Win32.Test.Eicar.a Version: Update: 20160914 16 | F-Prot Detected: True Result: EICAR_Test_File Version: Update: 20160917 17 | Symantec Detected: True Result: EICAR Test String Version: Update: 20160918 18 | ESET-NOD32 Detected: True Result: Eicar test file Version: Update: 20160917 19 | TrendMicro-HouseCall Detected: True Result: Eicar_test_file Version: Update: 20160918 20 | Avast Detected: True Result: EICAR Test-NOT virus!!! Version: Update: 20160918 21 | ClamAV Detected: True Result: Eicar-Test-Signature Version: Update: 20160916 22 | Kaspersky Detected: True Result: EICAR-Test-File Version: Update: 20160917 23 | Alibaba Detected: False Result: None Version: Update: 20160914 24 | NANO-Antivirus Detected: True Result: Marker.Dos.EICAR.dymlmx Version: Update: 20160918 25 | ViRobot Detected: True Result: EICAR-test[h] Version: Update: 20160917 26 | Rising Detected: True Result: EICAR-Test-File (classic) Version: Update: 20160918 27 | Ad-Aware Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160918 28 | Sophos Detected: True Result: EICAR-AV-Test Version: Update: 20160918 29 | Comodo Detected: True Result: EICAR-Test-File Version: Update: 20160916 30 | F-Secure Detected: True Result: EICAR_Test_File Version: Update: 20160917 31 | DrWeb Detected: True Result: EICAR Test File (NOT a Virus!) 
Version: Update: 20160917 32 | VIPRE Detected: True Result: EICAR (v) Version: Update: 20160918 33 | TrendMicro Detected: True Result: Eicar_test_file Version: Update: 20160918 34 | McAfee-GW-Edition Detected: True Result: EICAR test file Version: Update: 20160918 35 | Emsisoft Detected: True Result: EICAR-Test-File (not a virus) (B) Version: Update: 20160917 36 | Cyren Detected: True Result: EICAR_Test_File Version: Update: 20160917 37 | Jiangmin Detected: True Result: EICAR-Test-File Version: Update: 20160917 38 | Avira Detected: True Result: Eicar-Test-Signature Version: Update: 20160917 39 | Fortinet Detected: True Result: EICAR_TEST_FILE Version: Update: 20160917 40 | Antiy-AVL Detected: True Result: TestFile/Win32.EICAR Version: Update: 20160918 41 | Kingsoft Detected: True Result: Test.eicar.aa Version: Update: 20160918 42 | Arcabit Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160917 43 | SUPERAntiSpyware Detected: True Result: NotAThreat.EICAR[TestFile] Version: Update: 20160917 44 | Microsoft Detected: True Result: Virus:DOS/EICAR_Test_File Version: Update: 20160917 45 | AhnLab-V3 Detected: True Result: EICAR_Test_File Version: Update: 20160917 46 | ALYac Detected: True Result: Misc.Eicar-Test-File Version: Update: 20160918 47 | AVware Detected: True Result: EICAR (v) Version: Update: 20160917 48 | VBA32 Detected: True Result: EICAR-Test-File Version: Update: 20160917 49 | Zoner Detected: True Result: EICAR.Test.File-NoVirus Version: Update: 20160917 50 | Tencent Detected: True Result: EICAR.TEST.NOT-A-VIRUS Version: Update: 20160918 51 | Yandex Detected: True Result: EICAR_test_file Version: Update: 20160917 52 | Ikarus Detected: True Result: EICAR-Test-File Version: Update: 20160917 53 | GData Detected: True Result: EICAR-Test-File (not a virus) Version: Update: 20160917 54 | AVG Detected: True Result: EICAR_Test Version: Update: 20160918 55 | Panda Detected: True Result: EICAR-AV-TEST-FILE Version: Update: 20160917 56 | 
Qihoo-360 Detected: True Result: qex.eicar.gen.gen Version: Update: 20160918",NA,,,,,,,https://otx.alienvault.com/indicator/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f,1,,None,3395856ce81f2b7382dee72602f798b642f14140,275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f,44d88612fea8a8f36de82e1278abb02f,,68,None,"ASCII text, with no line terminators",N/A, 57 | 001025C6D4974FB2CCBEA56F710282ACA6C1353CC7120D5D4A7853688084953A,SHA-256,False,https://www.virustotal.com/file/001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a/analysis/1472555297/,2016-08-30 11:08:17,001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a,84c17e0ce55db895c7f62c6838a061a9a77007d7,fadc983f4577da8a7caa35e5096ddf14,"Scan finished, information embedded",38,57,66.6666666667,"Bkav Detected: True Result: W32.HfsAdware.59EA Version: Update: 20160829 58 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160830 59 | nProtect Detected: False Result: None Version: Update: 20160830 60 | CMC Detected: False Result: None Version: Update: 20160830 61 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160830 62 | McAfee Detected: True Result: Artemis!FADC983F4577 Version: Update: 20160830 63 | Malwarebytes Detected: True Result: PUP.Optional.OptimizerPro Version: Update: 20160830 64 | VIPRE Detected: True Result: OptimizerPro (fs) (not malicious) Version: Update: 20160830 65 | TheHacker Detected: False Result: None Version: Update: 20160829 66 | BitDefender Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 67 | K7GW Detected: True Result: Adware ( 004c3e641 ) Version: Update: 20160830 68 | K7AntiVirus Detected: True Result: Adware ( 004c3e641 ) Version: Update: 20160830 69 | TrendMicro Detected: False Result: None Version: Update: 20160830 70 | Baidu Detected: False Result: None Version: Update: 20160830 71 | F-Prot Detected: True Result: W32/Trojan2.OVYQ Version: Update: 20160830 72 | Symantec 
Detected: True Result: SMG.Heur!gen Version: Update: 20160830 73 | TotalDefense Detected: False Result: None Version: Update: 20160830 74 | TrendMicro-HouseCall Detected: True Result: TROJ_GE.06094129 Version: Update: 20160830 75 | Avast Detected: True Result: Win32:PUP-gen [PUP] Version: Update: 20160830 76 | ClamAV Detected: False Result: None Version: Update: 20160830 77 | Kaspersky Detected: True Result: not-a-virus:HEUR:RiskTool.Win32.Generic Version: Update: 20160830 78 | Alibaba Detected: False Result: None Version: Update: 20160830 79 | NANO-Antivirus Detected: True Result: Riskware.Win32.Unwanted.eaeozl Version: Update: 20160830 80 | ViRobot Detected: False Result: None Version: Update: 20160830 81 | AegisLab Detected: False Result: None Version: Update: 20160830 82 | Rising Detected: True Result: Malware.Undefined!8.C-7p3fz8pKI3D (Cloud) Version: Update: 20160830 83 | Ad-Aware Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 84 | Sophos Detected: True Result: Generic PUA AB (PUA) Version: Update: 20160830 85 | Comodo Detected: False Result: None Version: Update: 20160830 86 | F-Secure Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 87 | DrWeb Detected: True Result: Trojan.Ptop.68 Version: Update: 20160830 88 | Zillya Detected: True Result: Adware.OptimizerProCRTD.Win32.318 Version: Update: 20160830 89 | Invincea Detected: True Result: virus.win32.sality.at Version: Update: 20160830 90 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Jeefo.rc Version: Update: 20160830 91 | Emsisoft Detected: True Result: Adware.GenericKD.3255527 (B) Version: Update: 20160830 92 | Cyren Detected: True Result: W32/Trojan.KBXY-4410 Version: Update: 20160830 93 | Jiangmin Detected: False Result: None Version: Update: 20160830 94 | Avira Detected: True Result: PUA/OptimizerPro.RE Version: Update: 20160830 95 | Fortinet Detected: True Result: Riskware/Generic Version: Update: 20160830 96 | Antiy-AVL Detected: 
True Result: Trojan[FakeAV]/Win32.Agent Version: Update: 20160830 97 | Kingsoft Detected: False Result: None Version: Update: 20160830 98 | Arcabit Detected: True Result: Adware.Generic.D31ACCA Version: Update: 20160830 99 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160830 100 | Microsoft Detected: False Result: None Version: Update: 20160830 101 | AhnLab-V3 Detected: True Result: PUP/Win32.OptimizerPro.R149627 Version: Update: 20160830 102 | VBA32 Detected: True Result: TrojanFakeAV.Agent Version: Update: 20160829 103 | AVware Detected: True Result: OptimizerPro (fs) Version: Update: 20160830 104 | Zoner Detected: False Result: None Version: Update: 20160830 105 | ESET-NOD32 Detected: True Result: a variant of Win32/Adware.SpeedingUpMyPC.AE Version: Update: 20160830 106 | Tencent Detected: False Result: None Version: Update: 20160830 107 | Yandex Detected: True Result: Riskware.SpeedingUpMyPC! Version: Update: 20160828 108 | Ikarus Detected: True Result: PUA.Generic Version: Update: 20160830 109 | GData Detected: True Result: Application.Generic.1564298 Version: Update: 20160830 110 | AVG Detected: True Result: Generic7.BCS Version: Update: 20160830 111 | Panda Detected: True Result: Trj/CI.A Version: Update: 20160829 112 | CrowdStrike Detected: True Result: malicious_confidence_99% (D) Version: Update: 20160725 113 | Qihoo-360 Detected: True Result: Win32/Virus.IM.2bf Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a,0,,None,84c17e0ce55db895c7f62c6838a061a9a77007d7,001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953a,fadc983f4577da8a7caa35e5096ddf14,98304:7woRIqXAfJt102DXdmdA+1xgoGKPhNHiEhDCn0U8xF7Eek:BRJXAT102DXdmdA+1xgoGKiUCh0Pk,4418392,PEXE,"PE32 executable (GUI) Intel 80386, for MS Windows",N/A, 114 | 001025C6D4974FB2CCBEA56F710282ACA6C1353CC7120D5D4A7853688084953B,SHA-256,False,,,,,,"The requested resource is not among the finished, 
queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/001025c6d4974fb2ccbea56f710282aca6c1353cc7120d5d4a7853688084953b,0,,None,,,,,,,,N/A, 115 | CEEF161D68AE2B690FA9616361271578,MD5,False,https://www.virustotal.com/file/cebf5c1c762cff1c0442320b118ac83d76266b6358bc768205788bba31abdf24/analysis/1472635960/,2016-08-31 09:32:40,cebf5c1c762cff1c0442320b118ac83d76266b6358bc768205788bba31abdf24,536f9792b32a1eb2cc5ecd463d2fbed01d28175c,ceef161d68ae2b690fa9616361271578,"Scan finished, information embedded",47,58,81.0344827586,"Bkav Detected: False Result: None Version: Update: 20160831 116 | MicroWorld-eScan Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 117 | nProtect Detected: False Result: None Version: Update: 20160831 118 | CMC Detected: False Result: None Version: Update: 20160830 119 | CAT-QuickHeal Detected: True Result: Trojan.Bladabindi.B3 Version: Update: 20160831 120 | ALYac Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 121 | Malwarebytes Detected: True Result: Trojan.Agent.MSIL Version: Update: 20160831 122 | VIPRE Detected: True Result: Backdoor.MSIL.Bladabindi.a (v) Version: Update: 20160831 123 | TheHacker Detected: False Result: None Version: Update: 20160829 124 | BitDefender Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 125 | K7GW Detected: True Result: Trojan ( 700000121 ) Version: Update: 20160831 126 | K7AntiVirus Detected: True Result: Trojan ( 700000121 ) Version: Update: 20160831 127 | Invincea Detected: True Result: backdoor.msil.bladabindi.aj Version: Update: 20160830 128 | Baidu Detected: True Result: MSIL.Backdoor.Bladabindi.a Version: Update: 20160831 129 | F-Prot Detected: True Result: W32/MSIL_Bladabindi.A2.gen!Eldorado Version: Update: 20160831 130 | Symantec Detected: True Result: Heur.AdvML.B Version: Update: 20160831 131 | TotalDefense Detected: True Result: Win32/DotNetDl.A!generic Version: Update: 
20160831 132 | TrendMicro-HouseCall Detected: True Result: BKDR_BLADABI.SMC Version: Update: 20160831 133 | Avast Detected: True Result: MSIL:Agent-CTT [Trj] Version: Update: 20160831 134 | ClamAV Detected: True Result: Win.Trojan.B-468 Version: Update: 20160831 135 | Kaspersky Detected: True Result: HEUR:Trojan.Win32.Generic Version: Update: 20160831 136 | Alibaba Detected: False Result: None Version: Update: 20160831 137 | NANO-Antivirus Detected: True Result: Trojan.Win32.DownLoader10.ctopxm Version: Update: 20160831 138 | ViRobot Detected: False Result: None Version: Update: 20160831 139 | AegisLab Detected: True Result: Troj.W32.Gen.lZFZ Version: Update: 20160831 140 | Rising Detected: True Result: Backdoor.MSIL.Bladabindi!1.9E49 (classic) Version: Update: 20160831 141 | Ad-Aware Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 142 | Sophos Detected: True Result: Troj/MSIL-HX Version: Update: 20160831 143 | Comodo Detected: True Result: TrojWare.MSIL.Bladabindi.KX Version: Update: 20160831 144 | F-Secure Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 145 | DrWeb Detected: True Result: Trojan.DownLoader10.20236 Version: Update: 20160831 146 | Zillya Detected: True Result: Trojan.Bladabindi.Win32.15117 Version: Update: 20160831 147 | TrendMicro Detected: True Result: BKDR_BLADABI.SMC Version: Update: 20160831 148 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.BackdoorNJRat.mm Version: Update: 20160831 149 | Emsisoft Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 (B) Version: Update: 20160831 150 | Cyren Detected: True Result: W32/MSIL_Bladabindi.A2.gen!Eldorado Version: Update: 20160831 151 | Jiangmin Detected: False Result: None Version: Update: 20160831 152 | Avira Detected: True Result: TR/ATRAPS.Gen Version: Update: 20160831 153 | Fortinet Detected: True Result: MSIL/Agent.PPV!tr Version: Update: 20160831 154 | Antiy-AVL Detected: True Result: 
Trojan[:HEUR]/Win32.AGeneric Version: Update: 20160831 155 | Kingsoft Detected: False Result: None Version: Update: 20160831 156 | Arcabit Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 157 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Barys Version: Update: 20160831 158 | Microsoft Detected: True Result: Backdoor:MSIL/Bladabindi.AJ Version: Update: 20160831 159 | AhnLab-V3 Detected: True Result: Trojan/Win32.Generic.R108665 Version: Update: 20160831 160 | McAfee Detected: True Result: Trojan-FIGN Version: Update: 20160831 161 | AVware Detected: True Result: Backdoor.MSIL.Bladabindi.a (v) Version: Update: 20160831 162 | VBA32 Detected: False Result: None Version: Update: 20160831 163 | Zoner Detected: False Result: None Version: Update: 20160831 164 | ESET-NOD32 Detected: True Result: a variant of MSIL/Bladabindi.AS Version: Update: 20160831 165 | Tencent Detected: True Result: Win32.Trojan.Generic.Tdzr Version: Update: 20160831 166 | Yandex Detected: True Result: Trojan.RatJn.Gen.MG Version: Update: 20160830 167 | Ikarus Detected: True Result: Trojan.MSIL.Bladabindi Version: Update: 20160831 168 | GData Detected: True Result: Generic.MSIL.Bladabindi.3D8207C9 Version: Update: 20160831 169 | AVG Detected: True Result: PSW.ILUSpy Version: Update: 20160831 170 | Panda Detected: True Result: Trj/GdSda.A Version: Update: 20160831 171 | CrowdStrike Detected: True Result: malicious_confidence_100% (W) Version: Update: 20160725 172 | Qihoo-360 Detected: False Result: None Version: Update: 
20160831",https://www.threatcrowd.org/malware.php?md5=ceef161d68ae2b690fa9616361271578,536f9792b32a1eb2cc5ecd463d2fbed01d28175c,ceef161d68ae2b690fa9616361271578,194.58.74.79,,root123.ddns.net,,https://otx.alienvault.com/indicator/file/CEEF161D68AE2B690FA9616361271578,0,,None,536f9792b32a1eb2cc5ecd463d2fbed01d28175c,cebf5c1c762cff1c0442320b118ac83d76266b6358bc768205788bba31abdf24,ceef161d68ae2b690fa9616361271578,384:EqG9WgS1pKCIdJGG/EyZ+XLCPY1G2ZV/rljITFKiwyexivdK0LE2rWGMbiNrxw+s:Wdj/nZkCQYo/rpk8ge8lK0LtWDbuVJ,29184,PEXE,"PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows",http://www.threatexpert.com/reports.aspx?find=CEEF161D68AE2B690FA9616361271578,Trojan:MSIL/Bladabindi.B 173 | D41D8CD98F00B204E9800998ECF8427E,MD5,True,https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1474160392/,2016-09-18 00:59:52,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,da39a3ee5e6b4b0d3255bfef95601890afd80709,d41d8cd98f00b204e9800998ecf8427e,"Scan finished, information embedded",0,55,0.0,"Bkav Detected: False Result: None Version: Update: 20160917 174 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160918 175 | nProtect Detected: False Result: None Version: Update: 20160917 176 | CMC Detected: False Result: None Version: Update: 20160916 177 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160917 178 | McAfee Detected: False Result: None Version: Update: 20160917 179 | Malwarebytes Detected: False Result: None Version: Update: 20160917 180 | VIPRE Detected: False Result: None Version: Update: 20160918 181 | AegisLab Detected: False Result: None Version: Update: 20160917 182 | TheHacker Detected: False Result: None Version: Update: 20160916 183 | BitDefender Detected: False Result: None Version: Update: 20160918 184 | K7GW Detected: False Result: None Version: Update: 20160917 185 | K7AntiVirus Detected: False Result: None Version: Update: 20160917 186 | Arcabit 
Detected: False Result: None Version: Update: 20160917 187 | Baidu Detected: False Result: None Version: Update: 20160914 188 | F-Prot Detected: False Result: None Version: Update: 20160918 189 | Symantec Detected: False Result: None Version: Update: 20160918 190 | ESET-NOD32 Detected: False Result: None Version: Update: 20160917 191 | TrendMicro-HouseCall Detected: False Result: None Version: Update: 20160918 192 | Avast Detected: False Result: None Version: Update: 20160918 193 | ClamAV Detected: False Result: None Version: Update: 20160916 194 | Kaspersky Detected: False Result: None Version: Update: 20160917 195 | Alibaba Detected: False Result: None Version: Update: 20160914 196 | NANO-Antivirus Detected: False Result: None Version: Update: 20160918 197 | ViRobot Detected: False Result: None Version: Update: 20160917 198 | Rising Detected: False Result: None Version: Update: 20160918 199 | Ad-Aware Detected: False Result: None Version: Update: 20160918 200 | Sophos Detected: False Result: None Version: Update: 20160918 201 | Comodo Detected: False Result: None Version: Update: 20160916 202 | F-Secure Detected: False Result: None Version: Update: 20160918 203 | DrWeb Detected: False Result: None Version: Update: 20160918 204 | Zillya Detected: False Result: None Version: Update: 20160915 205 | TrendMicro Detected: False Result: None Version: Update: 20160918 206 | McAfee-GW-Edition Detected: False Result: None Version: Update: 20160918 207 | Emsisoft Detected: False Result: None Version: Update: 20160918 208 | Cyren Detected: False Result: None Version: Update: 20160918 209 | Jiangmin Detected: False Result: None Version: Update: 20160917 210 | Avira Detected: False Result: None Version: Update: 20160917 211 | Antiy-AVL Detected: False Result: None Version: Update: 20160918 212 | Kingsoft Detected: False Result: None Version: Update: 20160918 213 | Microsoft Detected: False Result: None Version: Update: 20160917 214 | SUPERAntiSpyware Detected: False Result: 
None Version: Update: 20160917 215 | GData Detected: False Result: None Version: Update: 20160918 216 | AhnLab-V3 Detected: False Result: None Version: Update: 20160917 217 | ALYac Detected: False Result: None Version: Update: 20160918 218 | AVware Detected: False Result: None Version: Update: 20160918 219 | VBA32 Detected: False Result: None Version: Update: 20160917 220 | Zoner Detected: False Result: None Version: Update: 20160917 221 | Tencent Detected: False Result: None Version: Update: 20160918 222 | Yandex Detected: False Result: None Version: Update: 20160917 223 | Ikarus Detected: False Result: None Version: Update: 20160917 224 | Fortinet Detected: False Result: None Version: Update: 20160918 225 | AVG Detected: False Result: None Version: Update: 20160918 226 | Panda Detected: False Result: None Version: Update: 20160917 227 | Qihoo-360 Detected: False Result: None Version: Update: 20160918",https://www.threatcrowd.org/malware.php?md5=d41d8cd98f00b204e9800998ecf8427e,0117a6026e1a3fcff386558a2c7386deb4643662,d41d8cd98f00b204e9800998ecf8427e,,,intweb.mobwork.net,BackDoor.Comet.2020; Mal/MSIL-PX; Trojan.MSIL.Crypt; W32/Trojan.UEGX-7731; Backdoor*Win32/Fynloski; Trojan ( 004be5b21 ); MSIL/Packed.Confuser.P suspicious; Suspicious.0000000000480.mg; TR/Crypt.Xpack.440461; ,Invalid file hash,,,,,,,,,,,http://www.threatexpert.com/reports.aspx?find=D41D8CD98F00B204E9800998ECF8427E,"Mal/Behav-044, Trojan-Spy.Win32.Bancos 228 | W32.Ramnit!inf, Virus.Win32.Nimnul.a, W32/Ramnit.a, W32/Patched-I.. 229 | W32.Ramnit!inf, Virus.Win32.Nimnul.a, W32/Ramnit.a, W32/Patched-I.. 230 | Backdoor:Win32/Zegost.Q, Backdoor.Win32.Inject 231 | [High Risk] 232 | Trojan:MSIL/Bladabindi.B 233 | Trojan-Dropper.Win32.Dorifel 234 | Win32.SuspectCrc, Backdoor.ProRAT.K 235 | Trojan:MSIL/Bladabindi.B, Win32.SuspectCrc 236 | W32.Kwbot.Worm, Trojan-Dropper.Win32.Loring, WORM_SDBOT.DMA.. 
237 | Trojan:MSIL/Bladabindi.B 238 | 4" 239 | B284A42B124849E71DBEF653D30229F1,MD5,False,https://www.virustotal.com/file/da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa/analysis/1472590869/,2016-08-30 21:01:09,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,0322a0ba58b95db9a2227f12d193fddea74cff89,b284a42b124849e71dbef653d30229f1,"Scan finished, information embedded",31,56,55.3571428571,"Bkav Detected: False Result: None Version: Update: 20160830 240 | MicroWorld-eScan Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 241 | nProtect Detected: False Result: None Version: Update: 20160830 242 | CMC Detected: False Result: None Version: Update: 20160830 243 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160830 244 | McAfee Detected: True Result: Artemis!B284A42B1248 Version: Update: 20160830 245 | Malwarebytes Detected: False Result: None Version: Update: 20160830 246 | VIPRE Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 247 | TheHacker Detected: False Result: None Version: Update: 20160829 248 | BitDefender Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 249 | K7GW Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 250 | K7AntiVirus Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 251 | TrendMicro Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 252 | Baidu Detected: True Result: Win32.Backdoor.Yobdam.a Version: Update: 20160830 253 | F-Prot Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 254 | Symantec Detected: True Result: Heur.AdvML.B Version: Update: 20160830 255 | TotalDefense Detected: False Result: None Version: Update: 20160830 256 | TrendMicro-HouseCall Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 257 | Avast Detected: True Result: Win32:Malware-gen Version: Update: 20160830 258 | ClamAV Detected: False Result: None Version: 
Update: 20160830 259 | Kaspersky Detected: False Result: None Version: Update: 20160830 260 | Alibaba Detected: False Result: None Version: Update: 20160830 261 | NANO-Antivirus Detected: False Result: None Version: Update: 20160830 262 | ViRobot Detected: False Result: None Version: Update: 20160830 263 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160830 264 | Rising Detected: True Result: Malware.Generic!8PHSzFEMApC@5 (thunder) Version: Update: 20160830 265 | Ad-Aware Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 266 | Sophos Detected: True Result: Mal/Behav-009 Version: Update: 20160830 267 | Comodo Detected: False Result: None Version: Update: 20160830 268 | F-Secure Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 269 | DrWeb Detected: False Result: None Version: Update: 20160830 270 | Zillya Detected: False Result: None Version: Update: 20160830 271 | Invincea Detected: True Result: virus.win32.sality.h Version: Update: 20160830 272 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Downloader.cc Version: Update: 20160830 273 | Emsisoft Detected: True Result: Gen:Variant.Symmi.54995 (B) Version: Update: 20160830 274 | Cyren Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 275 | Jiangmin Detected: True Result: TrojanDownloader.Agent.fjny Version: Update: 20160830 276 | Avira Detected: True Result: TR/ATRAPS.Gen2 Version: Update: 20160830 277 | Fortinet Detected: False Result: None Version: Update: 20160830 278 | Antiy-AVL Detected: False Result: None Version: Update: 20160830 279 | Kingsoft Detected: False Result: None Version: Update: 20160830 280 | Arcabit Detected: True Result: Trojan.Symmi.DD6D3 Version: Update: 20160830 281 | AegisLab Detected: False Result: None Version: Update: 20160830 282 | Microsoft Detected: False Result: None Version: Update: 20160830 283 | AhnLab-V3 Detected: False Result: None Version: Update: 20160830 284 | VBA32 Detected: 
False Result: None Version: Update: 20160830 285 | AVware Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 286 | Zoner Detected: False Result: None Version: Update: 20160830 287 | ESET-NOD32 Detected: True Result: a variant of Win32/Delf.TJF Version: Update: 20160830 288 | Tencent Detected: True Result: Win32.Trojan.Atraps.Pefk Version: Update: 20160830 289 | Yandex Detected: False Result: None Version: Update: 20160830 290 | Ikarus Detected: True Result: Backdoor.Win32.Hupigon Version: Update: 20160830 291 | GData Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 292 | AVG Detected: True Result: Delf.AYAY Version: Update: 20160830 293 | Panda Detected: True Result: Trj/GdSda.A Version: Update: 20160830 294 | Qihoo-360 Detected: True Result: HEUR/QVM33.0.0000.Malware.Gen Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/B284A42B124849E71DBEF653D30229F1,0,,None,0322a0ba58b95db9a2227f12d193fddea74cff89,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,b284a42b124849e71dbef653d30229f1,24576:jkn0lw5QdZ35jueUc9zdvtRYl9v39gjg:jknWw5QdV5yeUcdvtRYl9v3Sjg,855552,PEXE,"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",http://www.threatexpert.com/reports.aspx?find=B284A42B124849E71DBEF653D30229F1,"Mal/Behav-009, Mal/Behav-009" 295 | 0322A0BA58B95DB9A2227F12D193FDDEA74CFF89,SHA-1,False,https://www.virustotal.com/file/da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa/analysis/1472590869/,2016-08-30 21:01:09,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,0322a0ba58b95db9a2227f12d193fddea74cff89,b284a42b124849e71dbef653d30229f1,"Scan finished, information embedded",31,56,55.3571428571,"Bkav Detected: False Result: None Version: Update: 20160830 296 | MicroWorld-eScan Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 297 | nProtect Detected: False Result: None Version: Update: 20160830 298 | CMC Detected: False Result: None 
Version: Update: 20160830 299 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160830 300 | McAfee Detected: True Result: Artemis!B284A42B1248 Version: Update: 20160830 301 | Malwarebytes Detected: False Result: None Version: Update: 20160830 302 | VIPRE Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 303 | TheHacker Detected: False Result: None Version: Update: 20160829 304 | BitDefender Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 305 | K7GW Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 306 | K7AntiVirus Detected: True Result: Trojan ( 004d73c41 ) Version: Update: 20160830 307 | TrendMicro Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 308 | Baidu Detected: True Result: Win32.Backdoor.Yobdam.a Version: Update: 20160830 309 | F-Prot Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 310 | Symantec Detected: True Result: Heur.AdvML.B Version: Update: 20160830 311 | TotalDefense Detected: False Result: None Version: Update: 20160830 312 | TrendMicro-HouseCall Detected: True Result: TROJ_GEN.R02LC0RHU16 Version: Update: 20160830 313 | Avast Detected: True Result: Win32:Malware-gen Version: Update: 20160830 314 | ClamAV Detected: False Result: None Version: Update: 20160830 315 | Kaspersky Detected: False Result: None Version: Update: 20160830 316 | Alibaba Detected: False Result: None Version: Update: 20160830 317 | NANO-Antivirus Detected: False Result: None Version: Update: 20160830 318 | ViRobot Detected: False Result: None Version: Update: 20160830 319 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160830 320 | Rising Detected: True Result: Malware.Generic!8PHSzFEMApC@5 (thunder) Version: Update: 20160830 321 | Ad-Aware Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 322 | Sophos Detected: True Result: Mal/Behav-009 Version: Update: 20160830 323 | Comodo Detected: False Result: None 
Version: Update: 20160830 324 | F-Secure Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 325 | DrWeb Detected: False Result: None Version: Update: 20160830 326 | Zillya Detected: False Result: None Version: Update: 20160830 327 | Invincea Detected: True Result: virus.win32.sality.h Version: Update: 20160830 328 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Downloader.cc Version: Update: 20160830 329 | Emsisoft Detected: True Result: Gen:Variant.Symmi.54995 (B) Version: Update: 20160830 330 | Cyren Detected: True Result: W32/S-832592b6!Eldorado Version: Update: 20160830 331 | Jiangmin Detected: True Result: TrojanDownloader.Agent.fjny Version: Update: 20160830 332 | Avira Detected: True Result: TR/ATRAPS.Gen2 Version: Update: 20160830 333 | Fortinet Detected: False Result: None Version: Update: 20160830 334 | Antiy-AVL Detected: False Result: None Version: Update: 20160830 335 | Kingsoft Detected: False Result: None Version: Update: 20160830 336 | Arcabit Detected: True Result: Trojan.Symmi.DD6D3 Version: Update: 20160830 337 | AegisLab Detected: False Result: None Version: Update: 20160830 338 | Microsoft Detected: False Result: None Version: Update: 20160830 339 | AhnLab-V3 Detected: False Result: None Version: Update: 20160830 340 | VBA32 Detected: False Result: None Version: Update: 20160830 341 | AVware Detected: True Result: Trojan.Win32.Generic!BT Version: Update: 20160830 342 | Zoner Detected: False Result: None Version: Update: 20160830 343 | ESET-NOD32 Detected: True Result: a variant of Win32/Delf.TJF Version: Update: 20160830 344 | Tencent Detected: True Result: Win32.Trojan.Atraps.Pefk Version: Update: 20160830 345 | Yandex Detected: False Result: None Version: Update: 20160830 346 | Ikarus Detected: True Result: Backdoor.Win32.Hupigon Version: Update: 20160830 347 | GData Detected: True Result: Gen:Variant.Symmi.54995 Version: Update: 20160830 348 | AVG Detected: True Result: Delf.AYAY Version: Update: 20160830 
349 | Panda Detected: True Result: Trj/GdSda.A Version: Update: 20160830 350 | Qihoo-360 Detected: True Result: HEUR/QVM33.0.0000.Malware.Gen Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/0322A0BA58B95DB9A2227F12D193FDDEA74CFF89,0,,None,0322a0ba58b95db9a2227f12d193fddea74cff89,da3a3e5c3e436967c2f62d6e777b9f9b118ab995ee1a569161494489614c09fa,b284a42b124849e71dbef653d30229f1,24576:jkn0lw5QdZ35jueUc9zdvtRYl9v39gjg:jknWw5QdV5yeUcdvtRYl9v3Sjg,855552,PEXE,"PE32 executable (DLL) (GUI) Intel 80386, for MS Windows",N/A, 351 | E02CE6D73156A11BA84A798B26DE1D12,MD5,False,https://www.virustotal.com/file/26ee87d96144e5882302ae4f98ebd1c58f5f53223438e4a6498bf465848a8c0a/analysis/1470068910/,2016-08-01 16:28:30,26ee87d96144e5882302ae4f98ebd1c58f5f53223438e4a6498bf465848a8c0a,725e80cab7c88d7e960c478e1b975e003e0c0c66,e02ce6d73156a11ba84a798b26de1d12,"Scan finished, information embedded",54,55,98.1818181818,"Bkav Detected: True Result: W32.Sality.PE Version: Update: 20160801 352 | MicroWorld-eScan Detected: True Result: Win32.Sality.3 Version: Update: 20160801 353 | nProtect Detected: True Result: Virus/W32.Sality.D Version: Update: 20160729 354 | CMC Detected: True Result: Trojan.Win32.MicroFake!O Version: Update: 20160801 355 | CAT-QuickHeal Detected: True Result: W32.Sality.U Version: Update: 20160801 356 | McAfee Detected: True Result: W32/Sality.gen.z Version: Update: 20160801 357 | Malwarebytes Detected: True Result: Trojan.FakeLPK Version: Update: 20160801 358 | VIPRE Detected: True Result: Virus.Win32.Sality.at (v) Version: Update: 20160801 359 | TheHacker Detected: True Result: W32/Sality.gen Version: Update: 20160729 360 | BitDefender Detected: True Result: Win32.Sality.3 Version: Update: 20160801 361 | K7GW Detected: True Result: Trojan ( 0040f8ac1 ) Version: Update: 20160801 362 | K7AntiVirus Detected: True Result: Trojan ( 0040f8ac1 ) Version: Update: 20160801 363 | Baidu Detected: True Result: Win32.Virus.Sality.gen Version: Update: 
20160801 364 | Cyren Detected: True Result: W32/Sality.gen2 Version: Update: 20160801 365 | Symantec Detected: True Result: W32.Sality.AE Version: Update: 20160801 366 | ESET-NOD32 Detected: True Result: Win32/Sality.NBA Version: Update: 20160801 367 | TrendMicro-HouseCall Detected: True Result: TROJ_VSTART.SMA Version: Update: 20160801 368 | Avast Detected: True Result: Win32:Malware-gen Version: Update: 20160801 369 | ClamAV Detected: True Result: Win.Trojan.Scar-545 Version: Update: 20160801 370 | Kaspersky Detected: True Result: Virus.Win32.Sality.gen Version: Update: 20160801 371 | Alibaba Detected: False Result: None Version: Update: 20160801 372 | NANO-Antivirus Detected: True Result: Virus.Win32.Sality.beygb Version: Update: 20160801 373 | ViRobot Detected: True Result: Win32.Sality.Gen.A[h] Version: Update: 20160801 374 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-DDOS Version: Update: 20160801 375 | Ad-Aware Detected: True Result: Win32.Sality.3 Version: Update: 20160801 376 | Sophos Detected: True Result: Mal/Nitol-C Version: Update: 20160801 377 | Comodo Detected: True Result: Virus.Win32.Sality.gen Version: Update: 20160801 378 | F-Secure Detected: True Result: Win32.Sality.3 Version: Update: 20160801 379 | DrWeb Detected: True Result: Win32.Sector.30 Version: Update: 20160801 380 | Zillya Detected: True Result: Virus.Sality.Win32.25 Version: Update: 20160731 381 | TrendMicro Detected: True Result: TROJ_VSTART.SMA Version: Update: 20160801 382 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Sdbot.cc Version: Update: 20160801 383 | Emsisoft Detected: True Result: Win32.Sality.3 (B) Version: Update: 20160801 384 | F-Prot Detected: True Result: W32/Sality.gen2 Version: Update: 20160801 385 | Jiangmin Detected: True Result: Win32/HLLP.Kuku.Gen Version: Update: 20160801 386 | Avira Detected: True Result: W32/Sality.AT Version: Update: 20160801 387 | Fortinet Detected: True Result: W32/Generic.AC.2D85!tr Version: Update: 20160801 
388 | Antiy-AVL Detected: True Result: Virus/Win32.Dzan.a Version: Update: 20160801 389 | Kingsoft Detected: True Result: Win32.Sality.lx.368640 Version: Update: 20160801 390 | Arcabit Detected: True Result: Win32.Sality.3 Version: Update: 20160801 391 | AegisLab Detected: True Result: Troj.W32.Gen.lZLu Version: Update: 20160801 392 | AhnLab-V3 Detected: True Result: Win32/Kashu.E Version: Update: 20160801 393 | Microsoft Detected: True Result: DDoS:Win32/Nitol.B Version: Update: 20160801 394 | TotalDefense Detected: True Result: Win32/Sality.AA Version: Update: 20160801 395 | ALYac Detected: True Result: Win32.Sality.3 Version: Update: 20160801 396 | AVware Detected: True Result: Virus.Win32.Sality.at (v) Version: Update: 20160801 397 | VBA32 Detected: True Result: Virus.Win32.Sality.bakc Version: Update: 20160801 398 | Zoner Detected: True Result: TrojanDownloader.ServStart.AC Version: Update: 20160801 399 | Tencent Detected: True Result: Trojan.Win32.FakeLpk.bkd Version: Update: 20160801 400 | Yandex Detected: True Result: Win32.Sality.BL Version: Update: 20160731 401 | Ikarus Detected: True Result: Trojan.Win32.ServStart Version: Update: 20160801 402 | GData Detected: True Result: Win32.Sality.3 Version: Update: 20160801 403 | AVG Detected: True Result: BackDoor.Generic_r.ARQ Version: Update: 20160801 404 | Panda Detected: True Result: W32/Sality.AA Version: Update: 20160801 405 | Qihoo-360 Detected: True Result: Backdoor.Win32.Rbot.B Version: Update: 20160801",NA,,,,,,,https://otx.alienvault.com/indicator/file/E02CE6D73156A11BA84A798B26DE1D12,0,,None,,,,,,,,http://www.threatexpert.com/reports.aspx?find=E02CE6D73156A11BA84A798B26DE1D12,"W32.Sality.AE, Virus.Win32.Sality.gen, W32/Sality.gen.z, Mal/Sality-D.." 
406 | B4ED7AEDACD28CBBDE6978FB09C22C75,MD5,False,https://www.virustotal.com/file/6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638/analysis/1472590951/,2016-08-30 21:02:31,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,c6336ea255efa7371337c0882d175bee44cbbd49,b4ed7aedacd28cbbde6978fb09c22c75,"Scan finished, information embedded",56,58,96.5517241379,"Bkav Detected: True Result: W32.BackdoorWabot.Trojan Version: Update: 20160830 407 | MicroWorld-eScan Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 408 | nProtect Detected: True Result: Backdoor/W32.Wabot.1667584 Version: Update: 20160830 409 | CMC Detected: True Result: Backdoor.Win32.Wabot!O Version: Update: 20160830 410 | CAT-QuickHeal Detected: True Result: Trojan.Wabot.A8 Version: Update: 20160830 411 | ALYac Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 412 | Malwarebytes Detected: True Result: Backdoor.Wabot Version: Update: 20160830 413 | VIPRE Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 414 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Wabot Version: Update: 20160830 415 | CrowdStrike Detected: True Result: malicious_confidence_100% (W) Version: Update: 20160725 416 | Alibaba Detected: False Result: None Version: Update: 20160830 417 | K7GW Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 418 | K7AntiVirus Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 419 | TheHacker Detected: True Result: Backdoor/Wabot.a Version: Update: 20160829 420 | Invincea Detected: True Result: backdoor.win32.wabot.a Version: Update: 20160830 421 | Baidu Detected: True Result: Win32.Backdoor.Wabot.a Version: Update: 20160830 422 | F-Prot Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 423 | Symantec Detected: True Result: W32.Wabot Version: Update: 20160830 424 | TotalDefense Detected: True Result: Win32/DCMgreen.A 
Version: Update: 20160830 425 | Zoner Detected: True Result: I-Worm.Delf.NRF Version: Update: 20160830 426 | TrendMicro-HouseCall Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 427 | Avast Detected: True Result: Win32:Wabot [Trj] Version: Update: 20160830 428 | ClamAV Detected: True Result: Win.Trojan.Wabot-1 Version: Update: 20160830 429 | Kaspersky Detected: True Result: Backdoor.Win32.Wabot.a Version: Update: 20160830 430 | BitDefender Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 431 | NANO-Antivirus Detected: True Result: Trojan.Win32.Wabot.dmukv Version: Update: 20160830 432 | ViRobot Detected: True Result: Backdoor.Win32.Wabot.157619[h] Version: Update: 20160830 433 | Tencent Detected: True Result: Trojan.Win32.Wabot.a Version: Update: 20160830 434 | Ad-Aware Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 435 | Sophos Detected: True Result: Troj/Luiha-M Version: Update: 20160830 436 | Comodo Detected: True Result: Backdoor.Win32.Wabot.A Version: Update: 20160830 437 | F-Secure Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 438 | DrWeb Detected: True Result: Trojan.MulDrop2.11051 Version: Update: 20160830 439 | Zillya Detected: True Result: Backdoor.Wabot.Win32.1 Version: Update: 20160830 440 | TrendMicro Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 441 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Wabot.tc Version: Update: 20160830 442 | Emsisoft Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli (B) Version: Update: 20160830 443 | Cyren Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 444 | Jiangmin Detected: True Result: Backdoor/Wabot.z Version: Update: 20160830 445 | Avira Detected: True Result: TR/Dldr.Delphi.Gen Version: Update: 20160830 446 | Antiy-AVL Detected: True Result: Trojan[Backdoor]/Win32.Wabot.a Version: Update: 20160830 447 | Kingsoft Detected: False 
Result: None Version: Update: 20160830 448 | Microsoft Detected: True Result: Backdoor:Win32/Wabot.A Version: Update: 20160830 449 | AegisLab Detected: True Result: Backdoor.W32.Wabot.tn6b Version: Update: 20160830 450 | GData Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 451 | AhnLab-V3 Detected: True Result: Worm/Win32.IRCBot.N2091513092 Version: Update: 20160830 452 | McAfee Detected: True Result: W32/Wabot Version: Update: 20160830 453 | AVware Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 454 | VBA32 Detected: True Result: Backdoor.Wabot Version: Update: 20160830 455 | Arcabit Detected: True Result: Trojan.ShellIni.ED32CE Version: Update: 20160830 456 | ESET-NOD32 Detected: True Result: Win32/Delf.NRF Version: Update: 20160830 457 | Rising Detected: True Result: Malware.Heuristic!ET (rdm+) Version: Update: 20160830 458 | Yandex Detected: True Result: Backdoor.Wabot!AWDH2njzaiI Version: Update: 20160830 459 | Ikarus Detected: True Result: P2P-Worm.Win32.Delf Version: Update: 20160830 460 | Fortinet Detected: True Result: W32/Generic.AC.234D!tr Version: Update: 20160830 461 | AVG Detected: True Result: BackDoor.Wabot.A Version: Update: 20160830 462 | Panda Detected: True Result: Backdoor Program Version: Update: 20160830 463 | Qihoo-360 Detected: True Result: Backdoor.Win32.Agent.DP Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/B4ED7AEDACD28CBBDE6978FB09C22C75,0,,None,c6336ea255efa7371337c0882d175bee44cbbd49,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,b4ed7aedacd28cbbde6978fb09c22c75,24576:51bR29qjMWFMeXgGOEF4Y9qxwW2dexOJ0LOG0MXO0+8vLisg9FMRSLFRM7UXF:5dAW6SpOEFwzOc5eZoL7xSh2QV,1667584,PEXE,"PE32 executable (GUI) Intel 80386, for MS Windows",http://www.threatexpert.com/reports.aspx?find=B4ED7AEDACD28CBBDE6978FB09C22C75,"Trojan.Gen, Backdoor.Win32.Wabot.a, W32/Wabot, Troj/Luiha-M.." 
464 | C6336EA255EFA7371337C0882D175BEE44CBBD49,SHA-1,False,https://www.virustotal.com/file/6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638/analysis/1472590951/,2016-08-30 21:02:31,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,c6336ea255efa7371337c0882d175bee44cbbd49,b4ed7aedacd28cbbde6978fb09c22c75,"Scan finished, information embedded",56,58,96.5517241379,"Bkav Detected: True Result: W32.BackdoorWabot.Trojan Version: Update: 20160830 465 | MicroWorld-eScan Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 466 | nProtect Detected: True Result: Backdoor/W32.Wabot.1667584 Version: Update: 20160830 467 | CMC Detected: True Result: Backdoor.Win32.Wabot!O Version: Update: 20160830 468 | CAT-QuickHeal Detected: True Result: Trojan.Wabot.A8 Version: Update: 20160830 469 | ALYac Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 470 | Malwarebytes Detected: True Result: Backdoor.Wabot Version: Update: 20160830 471 | VIPRE Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 472 | SUPERAntiSpyware Detected: True Result: Trojan.Agent/Gen-Wabot Version: Update: 20160830 473 | CrowdStrike Detected: True Result: malicious_confidence_100% (W) Version: Update: 20160725 474 | Alibaba Detected: False Result: None Version: Update: 20160830 475 | K7GW Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 476 | K7AntiVirus Detected: True Result: Trojan ( 004be76d1 ) Version: Update: 20160830 477 | TheHacker Detected: True Result: Backdoor/Wabot.a Version: Update: 20160829 478 | Invincea Detected: True Result: backdoor.win32.wabot.a Version: Update: 20160830 479 | Baidu Detected: True Result: Win32.Backdoor.Wabot.a Version: Update: 20160830 480 | F-Prot Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 481 | Symantec Detected: True Result: W32.Wabot Version: Update: 20160830 482 | TotalDefense Detected: True Result: 
Win32/DCMgreen.A Version: Update: 20160830 483 | Zoner Detected: True Result: I-Worm.Delf.NRF Version: Update: 20160830 484 | TrendMicro-HouseCall Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 485 | Avast Detected: True Result: Win32:Wabot [Trj] Version: Update: 20160830 486 | ClamAV Detected: True Result: Win.Trojan.Wabot-1 Version: Update: 20160830 487 | Kaspersky Detected: True Result: Backdoor.Win32.Wabot.a Version: Update: 20160830 488 | BitDefender Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 489 | NANO-Antivirus Detected: True Result: Trojan.Win32.Wabot.dmukv Version: Update: 20160830 490 | ViRobot Detected: True Result: Backdoor.Win32.Wabot.157619[h] Version: Update: 20160830 491 | Tencent Detected: True Result: Trojan.Win32.Wabot.a Version: Update: 20160830 492 | Ad-Aware Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 493 | Sophos Detected: True Result: Troj/Luiha-M Version: Update: 20160830 494 | Comodo Detected: True Result: Backdoor.Win32.Wabot.A Version: Update: 20160830 495 | F-Secure Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 496 | DrWeb Detected: True Result: Trojan.MulDrop2.11051 Version: Update: 20160830 497 | Zillya Detected: True Result: Backdoor.Wabot.Win32.1 Version: Update: 20160830 498 | TrendMicro Detected: True Result: BKDR_WABOT.SMIA Version: Update: 20160830 499 | McAfee-GW-Edition Detected: True Result: BehavesLike.Win32.Wabot.tc Version: Update: 20160830 500 | Emsisoft Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli (B) Version: Update: 20160830 501 | Cyren Detected: True Result: W32/A-a17f4dfc!Eldorado Version: Update: 20160830 502 | Jiangmin Detected: True Result: Backdoor/Wabot.z Version: Update: 20160830 503 | Avira Detected: True Result: TR/Dldr.Delphi.Gen Version: Update: 20160830 504 | Antiy-AVL Detected: True Result: Trojan[Backdoor]/Win32.Wabot.a Version: Update: 20160830 505 | Kingsoft 
Detected: False Result: None Version: Update: 20160830 506 | Microsoft Detected: True Result: Backdoor:Win32/Wabot.A Version: Update: 20160830 507 | AegisLab Detected: True Result: Backdoor.W32.Wabot.tn6b Version: Update: 20160830 508 | GData Detected: True Result: Gen:Trojan.ShellIni.LHZ@aW0Tlfli Version: Update: 20160830 509 | AhnLab-V3 Detected: True Result: Worm/Win32.IRCBot.N2091513092 Version: Update: 20160830 510 | McAfee Detected: True Result: W32/Wabot Version: Update: 20160830 511 | AVware Detected: True Result: Trojan.Win32.Generic!SB.0 Version: Update: 20160830 512 | VBA32 Detected: True Result: Backdoor.Wabot Version: Update: 20160830 513 | Arcabit Detected: True Result: Trojan.ShellIni.ED32CE Version: Update: 20160830 514 | ESET-NOD32 Detected: True Result: Win32/Delf.NRF Version: Update: 20160830 515 | Rising Detected: True Result: Malware.Heuristic!ET (rdm+) Version: Update: 20160830 516 | Yandex Detected: True Result: Backdoor.Wabot!AWDH2njzaiI Version: Update: 20160830 517 | Ikarus Detected: True Result: P2P-Worm.Win32.Delf Version: Update: 20160830 518 | Fortinet Detected: True Result: W32/Generic.AC.234D!tr Version: Update: 20160830 519 | AVG Detected: True Result: BackDoor.Wabot.A Version: Update: 20160830 520 | Panda Detected: True Result: Backdoor Program Version: Update: 20160830 521 | Qihoo-360 Detected: True Result: Backdoor.Win32.Agent.DP Version: Update: 20160830",NA,,,,,,,https://otx.alienvault.com/indicator/file/C6336EA255EFA7371337C0882D175BEE44CBBD49,0,,None,c6336ea255efa7371337c0882d175bee44cbbd49,6a6f5ca9ea72f4573e8406ef3c2539fee721093b48124d99bcdd3093a06b7638,b4ed7aedacd28cbbde6978fb09c22c75,24576:51bR29qjMWFMeXgGOEF4Y9qxwW2dexOJ0LOG0MXO0+8vLisg9FMRSLFRM7UXF:5dAW6SpOEFwzOc5eZoL7xSh2QV,1667584,PEXE,"PE32 executable (GUI) Intel 80386, for MS Windows",N/A, 522 | C43E6425E2485A47018ADE6022E43272,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending 
scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/c43e6425e2485a47018ade6022e43272,0,,None,,,,,,,,N/A, 523 | 437808CD8621CC6900F0CA0379037072,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/437808cd8621cc6900f0ca0379037072,0,,None,,,,,,,,N/A, 524 | D41D8CD98F00B204E9800998ECF8427E,MD5,True,https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1474160392/,2016-09-18 00:59:52,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,da39a3ee5e6b4b0d3255bfef95601890afd80709,d41d8cd98f00b204e9800998ecf8427e,"Scan finished, information embedded",0,55,0.0,"Bkav Detected: False Result: None Version: Update: 20160917 525 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160918 526 | nProtect Detected: False Result: None Version: Update: 20160917 527 | CMC Detected: False Result: None Version: Update: 20160916 528 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160917 529 | McAfee Detected: False Result: None Version: Update: 20160917 530 | Malwarebytes Detected: False Result: None Version: Update: 20160917 531 | VIPRE Detected: False Result: None Version: Update: 20160918 532 | AegisLab Detected: False Result: None Version: Update: 20160917 533 | TheHacker Detected: False Result: None Version: Update: 20160916 534 | BitDefender Detected: False Result: None Version: Update: 20160918 535 | K7GW Detected: False Result: None Version: Update: 20160917 536 | K7AntiVirus Detected: False Result: None Version: Update: 20160917 537 | Arcabit Detected: False Result: None Version: Update: 20160917 538 | Baidu Detected: False Result: None Version: Update: 20160914 539 | F-Prot Detected: False Result: None Version: Update: 20160918 540 | Symantec Detected: False Result: None Version: Update: 20160918 541 | ESET-NOD32 Detected: False Result: None Version: Update: 20160917 542 | 
TrendMicro-HouseCall Detected: False Result: None Version: Update: 20160918 543 | Avast Detected: False Result: None Version: Update: 20160918 544 | ClamAV Detected: False Result: None Version: Update: 20160916 545 | Kaspersky Detected: False Result: None Version: Update: 20160917 546 | Alibaba Detected: False Result: None Version: Update: 20160914 547 | NANO-Antivirus Detected: False Result: None Version: Update: 20160918 548 | ViRobot Detected: False Result: None Version: Update: 20160917 549 | Rising Detected: False Result: None Version: Update: 20160918 550 | Ad-Aware Detected: False Result: None Version: Update: 20160918 551 | Sophos Detected: False Result: None Version: Update: 20160918 552 | Comodo Detected: False Result: None Version: Update: 20160916 553 | F-Secure Detected: False Result: None Version: Update: 20160918 554 | DrWeb Detected: False Result: None Version: Update: 20160918 555 | Zillya Detected: False Result: None Version: Update: 20160915 556 | TrendMicro Detected: False Result: None Version: Update: 20160918 557 | McAfee-GW-Edition Detected: False Result: None Version: Update: 20160918 558 | Emsisoft Detected: False Result: None Version: Update: 20160918 559 | Cyren Detected: False Result: None Version: Update: 20160918 560 | Jiangmin Detected: False Result: None Version: Update: 20160917 561 | Avira Detected: False Result: None Version: Update: 20160917 562 | Antiy-AVL Detected: False Result: None Version: Update: 20160918 563 | Kingsoft Detected: False Result: None Version: Update: 20160918 564 | Microsoft Detected: False Result: None Version: Update: 20160917 565 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160917 566 | GData Detected: False Result: None Version: Update: 20160918 567 | AhnLab-V3 Detected: False Result: None Version: Update: 20160917 568 | ALYac Detected: False Result: None Version: Update: 20160918 569 | AVware Detected: False Result: None Version: Update: 20160918 570 | VBA32 Detected: False Result: 
None Version: Update: 20160917 571 | Zoner Detected: False Result: None Version: Update: 20160917 572 | Tencent Detected: False Result: None Version: Update: 20160918 573 | Yandex Detected: False Result: None Version: Update: 20160917 574 | Ikarus Detected: False Result: None Version: Update: 20160917 575 | Fortinet Detected: False Result: None Version: Update: 20160918 576 | AVG Detected: False Result: None Version: Update: 20160918 577 | Panda Detected: False Result: None Version: Update: 20160917 578 | Qihoo-360 Detected: False Result: None Version: Update: 20160918",https://www.threatcrowd.org/malware.php?md5=d41d8cd98f00b204e9800998ecf8427e,0117a6026e1a3fcff386558a2c7386deb4643662,d41d8cd98f00b204e9800998ecf8427e,,,intweb.mobwork.net,BackDoor.Comet.2020; Mal/MSIL-PX; Trojan.MSIL.Crypt; W32/Trojan.UEGX-7731; Backdoor*Win32/Fynloski; Trojan ( 004be5b21 ); MSIL/Packed.Confuser.P suspicious; Suspicious.0000000000480.mg; TR/Crypt.Xpack.440461; ,Invalid file hash,,,,,,,,,,,http://www.threatexpert.com/reports.aspx?find=d41d8cd98f00b204e9800998ecf8427e,"Mal/Behav-044, Trojan-Spy.Win32.Bancos 579 | W32.Ramnit!inf, Virus.Win32.Nimnul.a, W32/Ramnit.a, W32/Patched-I.. 580 | W32.Ramnit!inf, Virus.Win32.Nimnul.a, W32/Ramnit.a, W32/Patched-I.. 581 | Backdoor:Win32/Zegost.Q, Backdoor.Win32.Inject 582 | [High Risk] 583 | Trojan:MSIL/Bladabindi.B 584 | Trojan-Dropper.Win32.Dorifel 585 | Win32.SuspectCrc, Backdoor.ProRAT.K 586 | Trojan:MSIL/Bladabindi.B, Win32.SuspectCrc 587 | W32.Kwbot.Worm, Trojan-Dropper.Win32.Loring, WORM_SDBOT.DMA.. 
588 | Trojan:MSIL/Bladabindi.B 589 | 4" 590 | 09086237C41485F6FE4005C4B5BC6384,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/09086237c41485f6fe4005c4b5bc6384,0,,None,,,,,,,,N/A, 591 | 722AF0DFE55ABBF6474AF48662FB91D8,MD5,False,https://www.virustotal.com/file/2467a366f32ade28b9d0208d4271606bfa342bca2c3f719a842bb0fac87a5f20/analysis/1472895272/,2016-09-03 09:34:32,2467a366f32ade28b9d0208d4271606bfa342bca2c3f719a842bb0fac87a5f20,1d9010010aea2b2021673f4a9a1f749e4814fb5b,722af0dfe55abbf6474af48662fb91d8,"Scan finished, information embedded",0,56,0.0,"Bkav Detected: False Result: None Version: Update: 20160901 592 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160903 593 | nProtect Detected: False Result: None Version: Update: 20160903 594 | CMC Detected: False Result: None Version: Update: 20160901 595 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160902 596 | ALYac Detected: False Result: None Version: Update: 20160903 597 | Malwarebytes Detected: False Result: None Version: Update: 20160903 598 | Zillya Detected: False Result: None Version: Update: 20160902 599 | TheHacker Detected: False Result: None Version: Update: 20160903 600 | BitDefender Detected: False Result: None Version: Update: 20160903 601 | K7GW Detected: False Result: None Version: Update: 20160903 602 | K7AntiVirus Detected: False Result: None Version: Update: 20160903 603 | Baidu Detected: False Result: None Version: Update: 20160903 604 | F-Prot Detected: False Result: None Version: Update: 20160903 605 | Symantec Detected: False Result: None Version: Update: 20160903 606 | ESET-NOD32 Detected: False Result: None Version: Update: 20160903 607 | TrendMicro-HouseCall Detected: False Result: None Version: Update: 20160903 608 | Avast Detected: False Result: None Version: Update: 20160903 609 | ClamAV Detected: False Result: None Version: Update: 20160903 610 | 
Kaspersky Detected: False Result: None Version: Update: 20160903 611 | Alibaba Detected: False Result: None Version: Update: 20160901 612 | NANO-Antivirus Detected: False Result: None Version: Update: 20160903 613 | ViRobot Detected: False Result: None Version: Update: 20160903 614 | AegisLab Detected: False Result: None Version: Update: 20160903 615 | Rising Detected: False Result: None Version: Update: 20160903 616 | Ad-Aware Detected: False Result: None Version: Update: 20160903 617 | Sophos Detected: False Result: None Version: Update: 20160903 618 | Comodo Detected: False Result: None Version: Update: 20160903 619 | F-Secure Detected: False Result: None Version: Update: 20160903 620 | DrWeb Detected: False Result: None Version: Update: 20160903 621 | VIPRE Detected: False Result: None Version: Update: 20160831 622 | TrendMicro Detected: False Result: None Version: Update: 20160903 623 | McAfee-GW-Edition Detected: False Result: None Version: Update: 20160903 624 | Emsisoft Detected: False Result: None Version: Update: 20160903 625 | Cyren Detected: False Result: None Version: Update: 20160903 626 | Jiangmin Detected: False Result: None Version: Update: 20160903 627 | Avira Detected: False Result: None Version: Update: 20160903 628 | Fortinet Detected: False Result: None Version: Update: 20160903 629 | Antiy-AVL Detected: False Result: None Version: Update: 20160903 630 | Kingsoft Detected: False Result: None Version: Update: 20160903 631 | Arcabit Detected: False Result: None Version: Update: 20160903 632 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160902 633 | AhnLab-V3 Detected: False Result: None Version: Update: 20160902 634 | Microsoft Detected: False Result: None Version: Update: 20160903 635 | TotalDefense Detected: False Result: None Version: Update: 20160903 636 | McAfee Detected: False Result: None Version: Update: 20160903 637 | AVware Detected: False Result: None Version: Update: 20160903 638 | VBA32 Detected: False Result: 
None Version: Update: 20160902 639 | Zoner Detected: False Result: None Version: Update: 20160903 640 | Tencent Detected: False Result: None Version: Update: 20160903 641 | Yandex Detected: False Result: None Version: Update: 20160902 642 | Ikarus Detected: False Result: None Version: Update: 20160903 643 | GData Detected: False Result: None Version: Update: 20160903 644 | AVG Detected: False Result: None Version: Update: 20160903 645 | Panda Detected: False Result: None Version: Update: 20160903 646 | Qihoo-360 Detected: False Result: None Version: Update: 20160903",NA,,,,,,,https://otx.alienvault.com/indicator/file/722af0dfe55abbf6474af48662fb91d8,0,,None,,,,,,,,N/A, 647 | 72B7C72C78082ADCF63472F3D7C10717,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/72b7c72c78082adcf63472f3d7c10717,0,,None,,,,,,,,N/A, 648 | 4D63D089958764E3AE4F4807D744A8C3,MD5,False,https://www.virustotal.com/file/227e939e4d8bcb0a11265199e85bae28e96a14f06eddebbfcc44804f80094663/analysis/1472895308/,2016-09-03 09:35:08,227e939e4d8bcb0a11265199e85bae28e96a14f06eddebbfcc44804f80094663,3aaa36aee7e240630c3d6568a89a7fb5615da4f8,4d63d089958764e3ae4f4807d744a8c3,"Scan finished, information embedded",0,56,0.0,"Bkav Detected: False Result: None Version: Update: 20160901 649 | MicroWorld-eScan Detected: False Result: None Version: Update: 20160903 650 | nProtect Detected: False Result: None Version: Update: 20160903 651 | CMC Detected: False Result: None Version: Update: 20160901 652 | CAT-QuickHeal Detected: False Result: None Version: Update: 20160902 653 | ALYac Detected: False Result: None Version: Update: 20160903 654 | Malwarebytes Detected: False Result: None Version: Update: 20160903 655 | Zillya Detected: False Result: None Version: Update: 20160902 656 | TheHacker Detected: False Result: None Version: Update: 20160903 657 | BitDefender Detected: False Result: None Version: Update: 20160903 658 
| K7GW Detected: False Result: None Version: Update: 20160903 659 | K7AntiVirus Detected: False Result: None Version: Update: 20160903 660 | Baidu Detected: False Result: None Version: Update: 20160903 661 | F-Prot Detected: False Result: None Version: Update: 20160903 662 | Symantec Detected: False Result: None Version: Update: 20160903 663 | ESET-NOD32 Detected: False Result: None Version: Update: 20160903 664 | TrendMicro-HouseCall Detected: False Result: None Version: Update: 20160903 665 | Avast Detected: False Result: None Version: Update: 20160903 666 | ClamAV Detected: False Result: None Version: Update: 20160903 667 | Kaspersky Detected: False Result: None Version: Update: 20160903 668 | Alibaba Detected: False Result: None Version: Update: 20160901 669 | NANO-Antivirus Detected: False Result: None Version: Update: 20160903 670 | ViRobot Detected: False Result: None Version: Update: 20160903 671 | AegisLab Detected: False Result: None Version: Update: 20160903 672 | Rising Detected: False Result: None Version: Update: 20160903 673 | Ad-Aware Detected: False Result: None Version: Update: 20160903 674 | Sophos Detected: False Result: None Version: Update: 20160903 675 | Comodo Detected: False Result: None Version: Update: 20160903 676 | F-Secure Detected: False Result: None Version: Update: 20160903 677 | DrWeb Detected: False Result: None Version: Update: 20160903 678 | VIPRE Detected: False Result: None Version: Update: 20160831 679 | TrendMicro Detected: False Result: None Version: Update: 20160903 680 | McAfee-GW-Edition Detected: False Result: None Version: Update: 20160903 681 | Emsisoft Detected: False Result: None Version: Update: 20160903 682 | Cyren Detected: False Result: None Version: Update: 20160903 683 | Jiangmin Detected: False Result: None Version: Update: 20160903 684 | Avira Detected: False Result: None Version: Update: 20160903 685 | Fortinet Detected: False Result: None Version: Update: 20160903 686 | Antiy-AVL Detected: False Result: 
None Version: Update: 20160903 687 | Kingsoft Detected: False Result: None Version: Update: 20160903 688 | Arcabit Detected: False Result: None Version: Update: 20160903 689 | SUPERAntiSpyware Detected: False Result: None Version: Update: 20160902 690 | AhnLab-V3 Detected: False Result: None Version: Update: 20160902 691 | Microsoft Detected: False Result: None Version: Update: 20160903 692 | TotalDefense Detected: False Result: None Version: Update: 20160903 693 | McAfee Detected: False Result: None Version: Update: 20160903 694 | AVware Detected: False Result: None Version: Update: 20160903 695 | VBA32 Detected: False Result: None Version: Update: 20160902 696 | Zoner Detected: False Result: None Version: Update: 20160903 697 | Tencent Detected: False Result: None Version: Update: 20160903 698 | Yandex Detected: False Result: None Version: Update: 20160902 699 | Ikarus Detected: False Result: None Version: Update: 20160903 700 | GData Detected: False Result: None Version: Update: 20160903 701 | AVG Detected: False Result: None Version: Update: 20160903 702 | Panda Detected: False Result: None Version: Update: 20160903 703 | Qihoo-360 Detected: False Result: None Version: Update: 20160903",NA,,,,,,,https://otx.alienvault.com/indicator/file/4d63d089958764e3ae4f4807d744a8c3,0,,None,,,,,,,,N/A, 704 | 8F5C93009247A2FFF6FB374D92493569,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/8f5c93009247a2fff6fb374d92493569,0,,None,,,,,,,,N/A, 705 | 9FE3F38EF5E6707A6562FA58DCA0C18D,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/9fe3f38ef5e6707a6562fa58dca0c18d,0,,None,,,,,,,,N/A, 706 | 5896E004F2217216B697D9482804BD9D,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending 
scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/5896e004f2217216b697d9482804bd9d,0,,None,,,,,,,,N/A, 707 | FD97C23426E0ACBB816B519CFC532FBC,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/fd97c23426e0acbb816b519cfc532fbc,0,,None,,,,,,,,N/A, 708 | 68C548D736CBD92384EEADB8697E8725,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/68c548d736cbd92384eeadb8697e8725,0,,None,,,,,,,,N/A, 709 | 882FE1C294EBB3ABB7F52D9D75EE773B,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/882fe1c294ebb3abb7f52d9d75ee773b,0,,None,,,,,,,,N/A, 710 | 10B2D46EA7EF795E244BB86A400D3B71,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/10b2d46ea7ef795e244bb86a400d3b71,0,,None,,,,,,,,N/A, 711 | A19ACDB6C53FA07697FF294954111DDD,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/a19acdb6c53fa07697ff294954111ddd,0,,None,,,,,,,,N/A, 712 | 29E2241A3E4660C38A2698CB71C161B2,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/29e2241a3e4660c38a2698cb71c161b2,0,,None,,,,,,,,N/A, 713 | C464EAA03D156FC77EF53DB778709DDD,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/c464eaa03d156fc77ef53db778709ddd,0,,None,,,,,,,,N/A, 714 | 7841AA4D680E37D4916D5F3E46CB672C,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending 
scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/7841aa4d680e37d4916d5f3e46cb672c,0,,None,,,,,,,,N/A, 715 | 39413FB629ABFE361FBF2194A3340139,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/39413fb629abfe361fbf2194a3340139,0,,None,,,,,,,,N/A, 716 | 281D4E2C202B1FD9B0A915D7A0ED34CA,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/281d4e2c202b1fd9b0a915d7a0ed34ca,0,,None,,,,,,,,N/A, 717 | 4BF9A23F3A47741CDD62D0C8B43FB7F9,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/4bf9a23f3a47741cdd62d0c8b43fb7f9,0,,None,,,,,,,,N/A, 718 | D7CB50F117B5501F853EB3E6785572B3,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/d7cb50f117b5501f853eb3e6785572b3,0,,None,,,,,,,,N/A, 719 | 60B3382E470CC887C938AEC11A6D4E3C,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/60b3382e470cc887c938aec11a6d4e3c,0,,None,,,,,,,,N/A, 720 | F2FF1136DC5E73B0D30C7422AA52F628,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/f2ff1136dc5e73b0d30c7422aa52f628,0,,None,,,,,,,,N/A, 721 | 351CE7B80F53432E34C15A9DEE807DB3,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/351ce7b80f53432e34c15a9dee807db3,0,,None,,,,,,,,N/A, 722 | A1ADC5F314857BB6F77508883FD0ECF1,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending 
scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/a1adc5f314857bb6f77508883fd0ecf1,0,,None,,,,,,,,N/A, 723 | 2D098EF53D9F2457D209C1DCCB5BF643,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/2d098ef53d9f2457d209c1dccb5bf643,0,,None,,,,,,,,N/A, 724 | 2A0A5FA600ED3A60D4115D20F130916E,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/2a0a5fa600ed3a60d4115d20f130916e,0,,None,,,,,,,,N/A, 725 | 998A12EAEE95E4FAA40B6E7F9EAB66B4,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/998a12eaee95e4faa40b6e7f9eab66b4,0,,None,,,,,,,,N/A, 726 | 17DAF4D21F85B2EA158859BDFA5E5D18,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/17daf4d21f85b2ea158859bdfa5e5d18,0,,None,,,,,,,,N/A, 727 | DDFEEE36220F23C8125CC0072CAD72FD,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/ddfeee36220f23c8125cc0072cad72fd,0,,None,,,,,,,,N/A, 728 | 59404212D43216AEC14D5DC55944F94C,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/59404212d43216aec14d5dc55944f94c,0,,None,,,,,,,,N/A, 729 | CD320AD7714A625FC0DDE4D343815F70,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/cd320ad7714a625fc0dde4d343815f70,0,,None,,,,,,,,N/A, 730 | EEF23A706E34FDAA9F6EDEC02B61B053,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending 
scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/eef23a706e34fdaa9f6edec02b61b053,0,,None,,,,,,,,N/A, 731 | 53F6C4C36C2D8EF612BDEBBD11A6E1BE,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/53f6c4c36c2d8ef612bdebbd11a6e1be,0,,None,,,,,,,,N/A, 732 | 851109B3556F682902AACDFB02E63478,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/851109b3556f682902aacdfb02e63478,0,,None,,,,,,,,N/A, 733 | 168B9B13E89F51905C7AE4A128C4C2B8,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/168b9b13e89f51905c7ae4a128c4c2b8,0,,None,,,,,,,,N/A, 734 | B521E723EDFEEA36D191EC8934E1DFC2,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/b521e723edfeea36d191ec8934e1dfc2,0,,None,,,,,,,,N/A, 735 | A37283B22822F62F2C5E2DF912465411,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/a37283b22822f62f2c5e2df912465411,0,,None,,,,,,,,N/A, 736 | E8E38677CFAC45C8004E0B1098F512BA,MD5,False,,,,,,"The requested resource is not among the finished, queued or pending scans",0,0,NaN,,NA,,,,,,,https://otx.alienvault.com/indicator/file/e8e38677cfac45c8004e0b1098f512ba,0,,None,,,,,,,,N/A, 737 | --------------------------------------------------------------------------------