SHA256: 11979f97d187449e8290d173093a03364d5759723df72f33edb5d0f7b52cbd8b
File name: lanesvolume.exe
Detection ratio: 13 / 65
Analysis date: 2018-09-12 08:29:36 UTC ( 5 months, 2 weeks ago )
Antivirus Result Update
AVware LooksLike.Win32.Dridex.e (v) 20180912
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Emsisoft Trojan.Emotet (A) 20180912
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
Microsoft Trojan:Win32/Emotet.AC!bit 20180912
Palo Alto Networks (Known Signatures) generic.ml 20180912
Qihoo-360 HEUR/QVM20.1.D015.Malware.Gen 20180912
Rising Spyware.Ursnif!8.1DEF (TFE:dGZlOgEEcqHp3Dw7mg) 20180912
Symantec Packed.Generic.517 20180912
VBA32 Malware-Cryptor.Limpopo 20180911
VIPRE LooksLike.Win32.Dridex.e (v) 20180912
Webroot W32.Trojan.Emotet 20180912
Ad-Aware 20180912
AegisLab 20180912
AhnLab-V3 20180911
Alibaba 20180713
ALYac 20180912
Antiy-AVL 20180912
Arcabit 20180912
Avast 20180912
Avast-Mobile 20180912
AVG 20180912
Avira (no cloud) 20180912
Babable 20180907
Baidu 20180912
BitDefender 20180912
Bkav 20180911
CAT-QuickHeal 20180909
ClamAV 20180912
CMC 20180912
Comodo 20180911
Cylance 20180912
Cyren 20180912
DrWeb 20180912
eGambit 20180912
ESET-NOD32 20180912
F-Prot 20180912
F-Secure 20180912
Fortinet 20180912
GData 20180912
Ikarus 20180912
Jiangmin 20180911
K7AntiVirus 20180912
K7GW 20180912
Kaspersky 20180912
Kingsoft 20180912
Malwarebytes 20180912
MAX 20180912
McAfee 20180912
McAfee-GW-Edition 20180912
eScan 20180912
NANO-Antivirus 20180912
Panda 20180911
SentinelOne (Static ML) 20180830
Sophos AV 20180912
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180911
TACHYON 20180912
Tencent 20180912
TheHacker 20180907
TrendMicro 20180912
TrendMicro-HouseCall 20180912
Trustlook 20180912
ViRobot 20180912
Yandex 20180910
Zillya 20180911
ZoneAlarm by Check Point 20180912
Zoner 20180911
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name ESSLDDQ.dll
File version 91.333.22.1
Description OpenSSL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-12 14:45:21
Entry Point 0x0002364A
Number of sections 6
PE sections
PE imports
RevertToSelf
RegSetKeySecurity
FrameRgn
EndPage
SetThreadLocale
GetModuleHandleA
VerifyScripts
GetProcessHeap
RasDeleteEntryW
I_RpcGetExtendedError
SetupDiBuildClassInfoListExW
StrChrNW
IsCharLowerW
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
SLOVENIAN DEFAULT 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 1006425862
LinkerVersion 12.0
ImageVersion 0.0
FileVersionNumber 2.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription OpenSSL
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 0
EntryPoint 0x2364a
MIMEType application/octet-stream
FileVersion 91.333.22.1
TimeStamp 2018:09:12 16:45:21+02:00
FileType Win32 EXE
PEType PE32
InternalName ESSLDDQ.dll
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Coni Enterprice
CodeSize 147456
FileSubtype 0
ProductVersionNumber 2.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 07ee43876c07dcbe467c2aa9929b5d51
SHA1 f08503ae6df5bb35e63ea5d9b25137d0ad3bb316
SHA256 11979f97d187449e8290d173093a03364d5759723df72f33edb5d0f7b52cbd8b
ssdeep 6144:l3e7Gd2GLg9UJTvVQRIbGHo9uPc2TQc293eHkdns/:BSGdvLg9ivVoI9KDQ1Fu/
authentihash 37e8959edc775493b77336a185e4727bfca303e389a691c1dc21158a525ced8a
imphash e4157912f4d2ce0c5ca81d55e99bd46b
File size 508.0 KB ( 520192 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-09-12 07:50:22 UTC ( 5 months, 2 weeks ago )
Last submission 2018-11-23 13:10:40 UTC ( 3 months ago )