SHA256: 087a2947e77a42758924b5da53b5b36b2931e7c8843ef2ca09c8f3f4654a75c1
Detection ratio: 50 / 66
Analysis date: 2018-06-04 17:51:59 UTC ( 8 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Emotet.22 20180604
AegisLab Gen.Variant.Emotet!c 20180604
AhnLab-V3 Trojan/Win32.Agent.R228650 20180604
ALYac Gen:Variant.Emotet.22 20180604
Antiy-AVL Trojan/Win32.TSGeneric 20180604
Arcabit Trojan.Emotet.22 20180604
Avast Win32:Malware-gen 20180604
AVG Win32:Malware-gen 20180604
Avira (no cloud) TR/Crypt.ZPACK.fvibe 20180604
AVware Trojan.Win32.Generic!BT 20180604
BitDefender Gen:Variant.Emotet.22 20180604
CAT-QuickHeal Trojan.Cloxer 20180604
Cylance Unsafe 20180604
Cyren W32/Trojan.INBI-0316 20180604
DrWeb Trojan.EmotetENT.222 20180604
Emsisoft Gen:Variant.Emotet.22 (B) 20180604
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Kryptik.GGWW 20180604
F-Secure Gen:Variant.Emotet.22 20180604
Fortinet W32/GenKryptik.BTIX!tr 20180604
GData Gen:Variant.Emotet.22 20180604
Ikarus Trojan.Win32.Crypt 20180604
Sophos ML heuristic 20180601
Jiangmin Trojan.Agent.bhgw 20180604
K7AntiVirus Trojan ( 005321871 ) 20180604
K7GW Trojan ( 005321871 ) 20180604
Kaspersky Trojan.Win32.Agent.qwgofa 20180604
Malwarebytes Spyware.PasswordStealer 20180604
MAX malware (ai score=96) 20180604
McAfee RDN/Generic.grp 20180604
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.dm 20180604
Microsoft Trojan:Win32/Tiggre!rfn 20180604
eScan Gen:Variant.Emotet.22 20180604
NANO-Antivirus Trojan.Win32.Kryptik.fcspcw 20180604
Palo Alto Networks (Known Signatures) generic.ml 20180604
Panda Trj/CI.A 20180604
Qihoo-360 Win32/Trojan.bb4 20180604
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANX 20180604
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20180604
Symantec Packed.Generic.517 20180604
Tencent Win32.Trojan.Agent.Wtdq 20180604
TrendMicro TROJ_GEN.R002C0OEL18 20180604
TrendMicro-HouseCall TSPY_HPEMOTET.SMAL8 20180604
VBA32 BScope.Trojan.Emotet 20180604
VIPRE Trojan.Win32.Generic!BT 20180604
Webroot W32.Trojan.Emotet 20180604
Yandex Trojan.Agent!EPs4lBfsZ1E 20180529
Zillya Trojan.Kryptik.Win32.1421746 20180604
ZoneAlarm by Check Point Trojan.Win32.Agent.qwgofa 20180604
Alibaba 20180604
Avast-Mobile 20180604
Babable 20180406
Baidu 20180604
Bkav 20180604
ClamAV 20180604
CMC 20180604
Comodo 20180604
CrowdStrike Falcon (ML) 20180202
Cybereason None
eGambit 20180604
F-Prot 20180604
Kingsoft 20180604
nProtect 20180604
Rising 20180604
Symantec Mobile Insight 20180601
TheHacker 20180531
TotalDefense 20180604
Trustlook 20180604
ViRobot 20180604
Zoner 20180604
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2028-12-25 04:27:37
Entry Point 0x00002293
Number of sections 10
PE sections
PE imports
FindFirstFileNameTransactedW
AttachConsole
LZSeek
DragQueryFileW
SHGetDesktopFolder
DragFinish
SHGetDiskFreeSpaceExA
SHAppBarMessage
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
JAPANESE DEFAULT 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2028:12:24 20:27:37-08:00
FileType Win32 EXE
PEType PE32
CodeSize 0
LinkerVersion 12.164
ImageFileCharacteristics Executable, 32-bit
Warning Error processing PE data dictionary
EntryPoint 0x2293
InitializedDataSize 200704
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

Compressed bundles
File identification
MD5 de4aad0ab6f80760483115e5bb0af183
SHA1 8d5306e36f4069e948fd821f0dd4ad1b1b885691
SHA256 087a2947e77a42758924b5da53b5b36b2931e7c8843ef2ca09c8f3f4654a75c1
ssdeep 1536:R7yYRVbQOWVUI0hClHdjBkHkNQ7WbDTOwckcN4De5vBwTEZVNDmBSAkWs+:R7jDMOS8eoWQ78DTOwVUp3N86+
authentihash 4f1477bb07d55bb38c37cbf18075979db2e52d45822a1689ab43945c5a9bb977
imphash 85ef02398d25d0b3b4eaae46394f2158
File size 208.0 KB ( 212992 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags peexe
VirusTotal metadata
First submission 2018-05-21 21:45:37 UTC ( 9 months ago )
Last submission 2018-05-26 17:57:52 UTC ( 8 months, 4 weeks ago )
File names initmcr.exe
4830.exe