SHA256: 0112ffd8887f179eb48b320675f84664f7d2194223bcfa9b9421e74c130fd081
File name: output.113055965.txt
Detection ratio: 50 / 67
Analysis date: 2018-04-05 22:32:53 UTC ( 10 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30513883 20180405
AegisLab Ml.Attribute.Gen!c 20180405
AhnLab-V3 Trojan/Win32.Emotet.R224250 20180405
ALYac Trojan.GenericKD.30513883 20180405
Antiy-AVL Trojan/Win32.Dovs 20180405
Arcabit Trojan.Generic.D1D19ADB 20180405
Avast Win32:Malware-gen 20180405
AVG Win32:Malware-gen 20180405
Avira (no cloud) TR/Dovs.ikyxr 20180405
AVware Trojan.Win32.Generic!BT 20180405
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9981 20180404
BitDefender Trojan.GenericKD.30513883 20180405
Bkav HW32.Packed.49F9 20180405
CAT-QuickHeal Trojan.Cloxer 20180405
ClamAV Win.Trojan.Emotet-6490545-0 20180405
Comodo CloudScanner.Trojan.Gen 20180405
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170201
Cybereason malicious.4ac7d1 20180225
Cylance Unsafe 20180405
Cyren W32/Trojan.HVNX-2400 20180405
eGambit Unsafe.AI_Score_70% 20180405
Emsisoft Trojan.GenericKD.30513883 (B) 20180405
Endgame malicious (high confidence) 20180403
ESET-NOD32 a variant of Win32/Kryptik.GFCB 20180405
F-Secure Trojan.GenericKD.30513883 20180405
Fortinet W32/Kryptik.GDRZ!tr 20180405
GData Win32.Trojan-Spy.Emotet.NY 20180405
Ikarus Trojan.SuspectCRC 20180405
Sophos ML heuristic 20180121
K7AntiVirus Riskware ( 0040eff71 ) 20180404
K7GW Riskware ( 0040eff71 ) 20180405
Kaspersky Trojan.Win32.Dovs.nae 20180405
Malwarebytes Trojan.Emotet.Generic 20180405
MAX malware (ai score=95) 20180405
McAfee Artemis!BF34634FF590 20180405
McAfee-GW-Edition BehavesLike.Win32.Virut.nc 20180405
Microsoft Trojan:Win32/Skeeyah.A!rfn 20180405
eScan Trojan.GenericKD.30513883 20180405
NANO-Antivirus Trojan.Win32.Dovs.ezjmyr 20180405
Palo Alto Networks (Known Signatures) generic.ml 20180405
Panda Trj/Genetic.gen 20180405
Qihoo-360 HEUR/QVM20.1.334B.Malware.Gen 20180405
Rising Trojan.Kryptik!8.8 (TFE:2:5DY5QsxCyYN) 20180405
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180405
Symantec Trojan.Gen.6 20180405
TrendMicro TSPY_EMOTET.AUSYYOS 20180405
TrendMicro-HouseCall TSPY_EMOTET.AUSYYOS 20180405
VIPRE Trojan.Win32.Generic!BT 20180405
ZoneAlarm by Check Point Trojan.Win32.Dovs.nae 20180405
Alibaba 20180404
Avast-Mobile 20180405
CMC 20180405
DrWeb 20180405
F-Prot 20180405
Jiangmin 20180405
Kingsoft 20180405
nProtect 20180405
SUPERAntiSpyware 20180405
Symantec Mobile Insight 20180401
Tencent 20180405
TheHacker 20180404
TotalDefense 20180405
Trustlook 20180405
VBA32 20180405
ViRobot 20180405
WhiteArmor 20180405
Yandex 20180405
Zillya 20180405
Zoner 20180405
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserv
Product Microsoft® Windows® Operating S
Original name kbdlao.dll
Internal name kbdlao (3.
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description Lao Standard Keyboa
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1994-02-03 14:10:11
Entry Point 0x000062C5
Number of sections 9
PE sections
PE imports
SetColorAdjustment
CreateRectRgn
SetRectRgn
GetStdHandle
GetNamedPipeInfo
GetConsoleMode
LocalFileTimeToFileTime
UnregisterApplicationRecoveryCallback
GetFileType
GetCommandLineA
GetUserDefaultLCID
GetConsoleScreenBufferInfo
GetCurrentThreadId
RpcBindingInqAuthInfoExW
PathRemoveFileSpecA
SetTimer
CreatePopupMenu
GetTitleBarInfo
GetUpdateRgn
keybd_event
GetFocus
GetThreadDesktop
SCardConnectW
OleGetIconOfFile
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 11.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.7601.17514
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Lao Standard Keyboa
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 83968
EntryPoint 0x62c5
OriginalFileName kbdlao.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserv
FileVersion 6.1.7600.16385 (win7_rtm.090713-1255)
TimeStamp 1994:02:03 06:10:11-08:00
FileType Win32 EXE
PEType PE32
InternalName kbdlao (3.
ProductVersion 6.1.7600.1638
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporatio
CodeSize 0
ProductName Microsoft Windows Operating S
ProductVersionNumber 6.1.7601.17514
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 bf34634ff59005392ec3c16168284d02
SHA1 d2926244ac7d187fdc027a550a3cdacb375d56e0
SHA256 0112ffd8887f179eb48b320675f84664f7d2194223bcfa9b9421e74c130fd081
ssdeep 1536:5R0a+BnpcSOY+HMkUFXKtrif5HjyzqDJQQ9KQfMXYUIRrvIV1QxAbTz:+/cy2MkkXK9i5GzsGQ9KQsQMwxAj
authentihash 847dd1d58c90a67747501d28410dd053b761cbf178cb0258315b5ee84b2aea02
imphash 1741c1825f7e591af94328955882a4e8
File size 97.5 KB ( 99840 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-03-31 23:36:30 UTC ( 10 months, 4 weeks ago )
Last submission 2018-05-05 17:37:51 UTC ( 9 months, 3 weeks ago )
File names Xq21WLPz7evmTc.exe
kbdlao.dll
output.113055965.txt
d2926244ac7d187fdc027a550a3cdacb375d56e0.exe
9760.exe
kbdlao (3.