DigTool.exe
- Filename:
- DigTool.exe
- md5:
- 2c216b2905ef5fb3043870cec0dd0e50
- sha1:
- be81663f4698cac3d79aba75e3c457c0a62cab3f
- sha256:
- 5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41
- Filetype:
- PE32+ executable (GUI) x86-64, for MS Windows, 7 s ...
- Size (Bytes):
- 71220539
- Classification:
- malicious
- Indexed:
- Sun Jul 27 2025 09:24:39 GMT+0000 (2 months ago)
- Last modified:
- Sun Jul 27 2025 12:45:32 GMT+0000 (2 months ago)
Sample information
2
Antivirus detections0
IDS alerts3
Processes0
Http events0
Contacted hosts0
DNS Requests8
Score
Current activity of this Sample
Blacklist timeline
First seen: Sun Jul 27 2025 09:45:03 GMT+0000
Last seen: Sun Jul 27 2025 12:45:32 GMT+0000
Period: 3 hours
Last seen: Sun Jul 27 2025 12:45:32 GMT+0000
Period: 3 hours
Hashes
In depth details
Dates
Developers can check API Specification here:
Request:
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41
Request:
Alternatively you can use Maltiverse Python3 Library:
import requests
import json
url = 'https://api.maltiverse.com/sample/5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41'
response = requests.get(url)
print(json.dumps(response.json(), indent=4, sort_keys=True))
Request:
$url = 'https://api.maltiverse.com/sample/5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41'
$headers = @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
Response:
{
"antivirus": [
{
"description": "Malicious",
"name": "APEX"
},
{
"description": "Trojan.Agent.Win32.4270125",
"name": "Zillya"
}
],
"blacklist": [
{
"count": 16,
"description": "Generic Malware",
"first_seen": "2025-07-27 09:45:03",
"last_seen": "2025-07-27 12:45:32",
"ref": [
21745
],
"source": "Hybrid-Analysis"
}
],
"classification": "malicious",
"creation_time": "2025-07-27 09:24:39",
"filename": [
"DigTool.exe"
],
"filetype": "PE32+ executable (GUI) x86-64, for MS Windows, 7 s ...",
"is_alive": false,
"is_cdn": false,
"is_cnc": false,
"is_distributing_malware": false,
"is_hosting": false,
"is_iot_threat": false,
"is_known_attacker": false,
"is_known_scanner": false,
"is_mining_pool": false,
"is_open_proxy": false,
"is_phishing": false,
"is_sinkhole": false,
"is_storing_phishing": false,
"is_tor_node": false,
"is_vpn_node": false,
"md5": "2c216b2905ef5fb3043870cec0dd0e50",
"modification_time": "2025-07-27 12:45:32",
"process_list": [
{
"name": "DigTool.exe",
"normalizedpath": "C:\\DigTool.exe",
"sha256": "5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41",
"uid": "00000000-00005380"
},
{
"name": "DigTool.exe",
"normalizedpath": "C:\\DigTool.exe",
"sha256": "5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41",
"uid": "00000000-00006516"
},
{
"commandline": "/c \"ver\"",
"name": "cmd.exe",
"normalizedpath": "%WINDIR%\\system32\\cmd.exe",
"sha256": "423e0e810a69aaceba0e5670e58aff898cf0ebffab99ccb46ebb3464c3d2facb",
"uid": "00000000-00002876"
}
],
"score": 8,
"scoring_executed_time": "2025-07-27 09:45:04",
"sha1": "be81663f4698cac3d79aba75e3c457c0a62cab3f",
"sha256": "5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41",
"size": 71220539,
"type": "sample"
}
Antivirus positives
| Antivirus | Threat |
|---|---|
| APEX | Malicious |
| Zillya | Trojan.Agent.Win32.4270125 |
Process list
- uid
- 00000000-00005380
- commandline
- name
- DigTool.exe
- normalizedpath
- C:\DigTool.exe
- sha256
- 5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41
- uid
- 00000000-00006516
- commandline
- name
- DigTool.exe
- normalizedpath
- C:\DigTool.exe
- sha256
- 5e5e20960dc321adb91b291105d3eed6d1662e24a816cac510ecc2f23c83dc41
- uid
- 00000000-00002876
- commandline
- /c "ver"
- name
- cmd.exe
- normalizedpath
- %WINDIR%\system32\cmd.exe
- sha256
- 423e0e810a69aaceba0e5670e58aff898cf0ebffab99ccb46ebb3464c3d2facb