SHA256: 126d92bbf5e3077ce065df58e984216437fce6acbe00c546102de4353a6f61ee
File name: 6b68cb8768d8c6a0badcd1bbdafb8af7
Detection ratio: 26 / 67
Analysis date: 2018-03-19 11:32:46 UTC ( 9 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Mikey.79885 20180319
ALYac Gen:Variant.Mikey.79885 20180319
Arcabit Trojan.Mikey.D1380D 20180319
Avast Win32:Malware-gen 20180319
AVG Win32:Malware-gen 20180319
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9942 20180319
BitDefender Gen:Variant.Mikey.79885 20180319
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cylance Unsafe 20180319
DrWeb Trojan.MulDrop7.65124 20180319
eGambit Unsafe.AI_Score_100% 20180319
Emsisoft Gen:Variant.Mikey.79885 (B) 20180319
Endgame malicious (high confidence) 20180316
F-Secure Gen:Variant.Mikey.79885 20180319
Fortinet W32/Dridex.BT!tr 20180319
GData Gen:Variant.Mikey.79885 20180319
Sophos ML heuristic 20180121
MAX malware (ai score=88) 20180319
McAfee Emotet-FGU!6B68CB8768D8 20180319
McAfee-GW-Edition Emotet-FGU!6B68CB8768D8 20180319
eScan Gen:Variant.Mikey.79885 20180319
Qihoo-360 HEUR/QVM40.1.ED40.Malware.Gen 20180319
Rising Trojan.Crypto!8.364 (TFE:5:O80Ks7J3CGJ) 20180319
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180319
Webroot W32.Trojan.Gen 20180319
AegisLab 20180319
AhnLab-V3 20180319
Alibaba 20180322
Antiy-AVL 20180319
Avast-Mobile 20180319
Avira (no cloud) 20180319
AVware 20180319
Bkav 20180319
CAT-QuickHeal 20180319
ClamAV 20180319
CMC 20180319
Comodo 20180319
Cybereason None
Cyren 20180319
ESET-NOD32 20180319
F-Prot 20180319
Ikarus 20180319
Jiangmin 20180319
K7AntiVirus 20180319
K7GW 20180319
Kaspersky 20180319
Kingsoft 20180319
Malwarebytes 20180319
Microsoft 20180319
NANO-Antivirus 20180319
nProtect 20180319
Palo Alto Networks (Known Signatures) 20180319
Panda 20180318
SUPERAntiSpyware 20180319
Symantec 20180319
Symantec Mobile Insight 20180311
Tencent 20180319
TheHacker 20180319
TotalDefense 20180315
TrendMicro 20180319
TrendMicro-HouseCall 20180319
Trustlook 20180319
VBA32 20180319
VIPRE 20180319
ViRobot 20180319
WhiteArmor 20180223
Yandex 20180319
ZoneAlarm by Check Point 20180319
Zoner 20180319
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows command line subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name apisetstub
Internal name apisetstub
File version 7.1.9612.16385 (winblue_rtm.130821-1623)
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-03-06 22:04:31
Entry Point 0x00001360
Number of sections 6
PE sections
PE imports
DeleteObject
CreateRectRgn
wglGetProcAddress
wnsprintfA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
0

ImageVersion
0.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
6.3.9600.16384

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

LinkerVersion
12.0

CompanyNafg
Necorsoft Corporation

EntryPoint
0x1360

OriginalFileName
apisetstub

MIMEType
application/octet-stream

Subsystem
Windows command line

FileVersion
7.1.9612.16385 (winblue_rtm.130821-1623)

TimeStamp
2018:03:06 23:04:31+01:00

FileType
Win32 DLL

PEType
PE32

InternalName
apisetstub

ProductVersion
6.3.9600.16384

FileDescription
ApiSet Stub DLL

OSVersion
4.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CodeSize
2063370106

FileSubtype
0

ProductVersionNumber
6.3.9600.16384

FileTypeExtension
dll

ObjectFileType
Dynamic link library

File identification
MD5 6b68cb8768d8c6a0badcd1bbdafb8af7
SHA1 44abca9379588112f2ba54f79764f5e8b6dd55c1
SHA256 126d92bbf5e3077ce065df58e984216437fce6acbe00c546102de4353a6f61ee
ssdeep
6144:LA/iGSOjZaxsIAXqyNkdyM0puz0OVP+FjggauK5b5RA652hFgn:LA/u/sIAQdyM2ZO5+pGblEu

authentihash a50101d3364eeae95326ce2cf502eed7af1a0b13cc7c836032ff7db60ca141aa
imphash a8b290dbb37c65a7db1fead15a855068
File size 476.0 KB ( 487424 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
pedll

VirusTotal metadata
First submission 2018-03-19 11:32:46 UTC ( 9 months ago )
Last submission 2018-03-19 11:32:46 UTC ( 9 months ago )
File names 6b68cb8768d8c6a0badcd1bbdafb8af7
apisetstub