SHA256: 02e6fa9cfbc5272b47cde561477c46d553f839ea54fea1df7d76e370021b4da4
File name: 482.exe
Detection ratio: 44 / 69
Analysis date: 2018-12-21 21:30:55 UTC ( 2 months ago )
Antivirus Result Update
Acronis malware 20180726
Ad-Aware Trojan.GenericKD.40851867 20181221
AegisLab Trojan.Win32.Malicious.4!c 20181221
AhnLab-V3 Malware/Gen.Generic.C2899594 20181221
ALYac Trojan.Agent.Emotet 20181221
Arcabit Trojan.Generic.D26F599B 20181221
Avast Win32:MalwareX-gen [Trj] 20181221
AVG Win32:MalwareX-gen [Trj] 20181221
Avira (no cloud) TR/AD.Emotet.bwoju 20181221
BitDefender Trojan.GenericKD.40851867 20181221
Bkav HW32.Packed. 20181221
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.b194c8 20180225
Cylance Unsafe 20181221
Cyren W32/Emotet.LE.gen!Eldorado 20181221
eGambit Unsafe.AI_Score_99% 20181221
Emsisoft Trojan.GenericKD.40851867 (B) 20181221
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOAF 20181221
F-Prot W32/Emotet.LE.gen!Eldorado 20181221
F-Secure Trojan.GenericKD.40851867 20181221
Fortinet W32/Kryptik.GOAF!tr 20181221
GData Trojan.GenericKD.40851867 20181221
Ikarus Trojan-Banker.Emotet 20181221
Sophos ML heuristic 20181128
Kaspersky Trojan-Banker.Win32.Emotet.bwdo 20181221
Malwarebytes Trojan.Emotet 20181221
McAfee Emotet-FJX!0C899AEB194C 20181221
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181221
Microsoft Trojan:Win32/Emotet.AC!bit 20181221
eScan Trojan.GenericKD.40851867 20181221
Palo Alto Networks (Known Signatures) generic.ml 20181221
Panda Trj/CI.A 20181221
Qihoo-360 HEUR/QVM20.1.0595.Malware.Gen 20181221
Rising Trojan.Emotet!8.B95 (CLOUD) 20181221
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181221
Symantec Trojan.Emotet 20181221
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_FRS.VSN14L18 20181221
TrendMicro-HouseCall TROJ_FRS.VSN14L18 20181221
VBA32 BScope.Trojan.Refinka 20181221
Webroot W32.Trojan.Gen 20181221
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bwdo 20181221
Alibaba 20180921
Antiy-AVL 20181221
Avast-Mobile 20181221
Babable 20180918
Baidu 20181207
CAT-QuickHeal 20181221
ClamAV 20181221
CMC 20181221
Comodo 20181221
DrWeb 20181221
Jiangmin 20181221
K7AntiVirus 20181221
K7GW 20181221
Kingsoft 20181221
MAX 20181221
NANO-Antivirus 20181221
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TACHYON 20181221
Tencent 20181221
TheHacker 20181220
Trustlook 20181221
ViRobot 20181221
Yandex 20181221
Zillya 20181219
Zoner 20181221
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © Microsoft Corp. 1993-2001.
Internal name ASYCFILT.DLL
File version 5.1.2600.2180
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x00002810
Number of sections 8
PE sections
PE imports
IsTokenRestricted
GetDCPenColor
GetPolyFillMode
GetFileTime
NormalizeString
LockFileEx
SetFilePointer
GetTapeStatus
SetEvent
GetConsoleProcessList
GetUserDefaultLCID
GetVersion
EmptyClipboard
GetLastActivePopup
GetSysColor
GetKeyboardType
RegisterRawInputDevices
SCardGetCardTypeProviderNameA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 135168
UninitializedDataSize 0
LinkerVersion 2.0
ImageVersion 5.1
FileVersionNumber 5.1.2600.2180
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 0
EntryPoint 0x2810
MIMEType application/octet-stream
LegalCopyright Copyright Microsoft Corp. 1993-2001.
FileVersion 5.1.2600.2180
TimeStamp 2002:07:18 03:23:20+01:00
FileType Win32 EXE
PEType PE32
InternalName ASYCFILT.DLL
ProductVersion 5.1.2600.2180
SubsystemVersion 6.0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
LegalTrademarks Microsoft is a registered trademark of Microsoft Corporation. Windows is a registered trademark of Microsoft Corporation.
FileSubtype 0
ProductVersionNumber 5.1.2600.2180
FileTypeExtension exe
ObjectFileType Dynamic link library

Execution parents
File identification
MD5 0c899aeb194c8d113d6256e9af25bee6
SHA1 62ab09c8dd6232ad533b96e6d38ee97835ecc160
SHA256 02e6fa9cfbc5272b47cde561477c46d553f839ea54fea1df7d76e370021b4da4
ssdeep 1536:HLm5+u6o6+dvwU9FuLuRqhkPzZt3uS/KbS93+h4MGj3ukwYknHQYByQeUqz87mUe:C5FO+dYaFqkHuLb83PbuwxZN87mUDoN
authentihash a66f5efbc8395c51224ec62c2bd172a6779d8fca5ef12f78c7cb9596882ef1a4
imphash 01f1f8598ca7d6934a59084ea824d894
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-12-20 17:09:35 UTC ( 2 months ago )
Last submission 2018-12-31 03:52:23 UTC ( 1 month, 2 weeks ago )
File names 674.exe
rQrCiwxhm4K4.exe
WCAapmYwnEtg.exe
ASYCFILT.DLL
jSK8bmJP.exe
nGRQHTDZIW9y.exe
KXZk0ucGaF.exe
482.exe