SHA256: 052e0c68d31fff49ba327afe8525e01a77f049f0f80efb90d92e693ca253b4ef
File name: output.113081222.txt
Detection ratio: 51 / 67
Analysis date: 2018-04-13 04:27:28 UTC ( 10 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30558327 20180413
AegisLab Ml.Attribute.Gen!c 20180413
AhnLab-V3 Trojan/Win32.Emotet.R224583 20180412
ALYac Trojan.GenericKD.30558327 20180413
Antiy-AVL Trojan/Win32.TSGeneric 20180412
Arcabit Trojan.Generic.D1D24877 20180413
Avast Win32:Malware-gen 20180413
AVG Win32:Malware-gen 20180413
Avira (no cloud) TR/AD.HeodoDlder.wojik 20180412
AVware Trojan.Win32.Generic!BT 20180413
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180412
BitDefender Trojan.GenericKD.30558327 20180413
Bkav HW32.Packed.3B45 20180410
CAT-QuickHeal Trojan.Cloxer 20180412
ClamAV Win.Trojan.Emotet-6497938-0 20180412
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170201
Cylance Unsafe 20180413
Cyren W32/Trojan.MVNW-1293 20180413
eGambit Unsafe.AI_Score_64% 20180413
Emsisoft Trojan.GenericKD.30558327 (B) 20180413
Endgame malicious (high confidence) 20180403
ESET-NOD32 a variant of Win32/Kryptik.GFJU 20180413
F-Secure Trojan.GenericKD.30558327 20180413
Fortinet W32/GenKryptik.BDQO!tr 20180413
GData Win32.Trojan-Spy.Emotet.OH 20180413
Ikarus Trojan-Banker.Emotet 20180412
Sophos ML heuristic 20180121
Jiangmin Trojan.Dovs.ehc 20180413
K7AntiVirus Trojan ( 0052d69c1 ) 20180412
K7GW Trojan ( 0052d69c1 ) 20180412
Kaspersky Trojan.Win32.Dovs.nlg 20180413
Malwarebytes Trojan.Emotet 20180413
MAX malware (ai score=94) 20180413
McAfee RDN/Generic.grp 20180413
McAfee-GW-Edition BehavesLike.Win32.Emotet.nc 20180413
Microsoft Trojan:Win32/Tiggre!rfn 20180413
eScan Trojan.GenericKD.30558327 20180413
Palo Alto Networks (Known Signatures) generic.ml 20180413
Panda Trj/Genetic.gen 20180412
Rising Trojan.Cloxer!8.F54F (TFE:4:DgpJXFaoEzJ) 20180413
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180413
Symantec Trojan.Emotet 20180412
Tencent Win32.Trojan.Dovs.Sxew 20180413
TrendMicro TROJ_GEN.R057C0OD718 20180413
TrendMicro-HouseCall TSPY_HPEMOTET.SMZ3 20180413
VBA32 Trojan.Cloxer 20180412
VIPRE Trojan.Win32.Generic!BT 20180413
Webroot W32.Trojan.Emotet 20180413
Yandex Trojan.Dovs! 20180412
ZoneAlarm by Check Point Trojan.Win32.Dovs.nlg 20180413
Alibaba 20180413
Avast-Mobile 20180412
CMC 20180412
Comodo 20180413
Cybereason None
DrWeb 20180413
F-Prot 20180413
Kingsoft 20180413
NANO-Antivirus 20180413
nProtect 20180412
Qihoo-360 20180413
SUPERAntiSpyware 20180413
Symantec Mobile Insight 20180412
TheHacker 20180410
TotalDefense 20180412
Trustlook 20180413
ViRobot 20180413
WhiteArmor 20180408
Zillya 20180412
Zoner 20180412
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product LiteEdits
Original name LiteEdits.exe
Internal name LiteEdits.exe
File version 1.2.10.6
Description LiteEdits
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-04-07 07:43:17
Entry Point 0x000044BC
Number of sections 10
PE sections
PE imports
ImmGetIMEFileNameW
LocalFlags
RequestWakeupLatency
GetDynamicTimeZoneInformation
GetEnvironmentStringsW
GetSystemTimes
GetLocalTime
GetIconInfo
GetMenuInfo
IsWindowVisible
IsWindowUnicode
TranslateMessage
GetForegroundWindow
ShutdownBlockReasonDestroy
SetRect
SetWindowPos
CryptCATEnumerateAttr
inet_ntoa
SCardListReadersA
OleDestroyMenuDescriptor
Number of PE resources by type
RT_BITMAP 1
RT_MENU 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 90112
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.2.10.6
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription LiteEdits
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 11.11
EntryPoint 0x44bc
OriginalFileName LiteEdits.exe
MIMEType application/octet-stream
FileVersion 1.2.10.6
TimeStamp 2018:04:07 00:43:17-07:00
FileType Win32 EXE
PEType PE32
InternalName LiteEdits.exe
ProductVersion 1.2.10.6-RELEASE-c2414ca0146a2375fa10514efac01b00087c225c
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName LiteEdits
CodeSize 0
ProductName LiteEdits
ProductVersionNumber 1.2.10.6
FileTypeExtension exe
ObjectFileType Executable application
AssemblyVersion 1.2.10.6

File identification
MD5 5f2a6850c1a3cba549478ea83b4aaf3b
SHA1 3cb571fbb23b10a08afe9dd171a16b75a93e855a
SHA256 052e0c68d31fff49ba327afe8525e01a77f049f0f80efb90d92e693ca253b4ef
ssdeep 1536:4+CFkBjswzkdDS7gJVNbIkwdd54UELB5sdgJzMdB7HK7ZeXjonvx:4jkBjsUkoIV9Bwyj5sdgJzmB72Mg
authentihash 2613c29232f468af755d916def7732c6194ea7b9f38fd28fcccf152d318993ed
imphash 1079e6ed7d137f1ba51f327177de122a
File size 98.0 KB ( 100352 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-04-06 22:56:15 UTC ( 10 months, 2 weeks ago )
Last submission 2018-05-05 15:11:04 UTC ( 9 months, 2 weeks ago )
File names 1283.exe
8281.exe
0792.exe
LiteEdits.exe
qOwGotUG.exe
output.113081222.txt
9562.exe
59938.exe