× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1303b0c13c92b3e003b1e4616e12f27172484dc508babc8bf119ee9948de3dcb
File name: 1303b0c13c92b3e003b1e4616e12f27172484dc508babc8bf119ee9948de3dcb
Detection ratio: 16 / 71
Analysis date: 2019-02-11 16:08:20 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Emotet.R212958 20190211
AVG FileRepMalware 20190211
CAT-QuickHeal Trojan.Emotet.X4 20190210
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cylance Unsafe 20190211
Endgame malicious (high confidence) 20181108
Ikarus Trojan-Banker.Emotet 20190211
Malwarebytes Trojan.Emotet.Generic 20190211
Microsoft Trojan:Win32/Emotet 20190211
Qihoo-360 HEUR/QVM20.1.28CF.Malware.Gen 20190211
Rising Trojan.GenKryptik!8.AA55/N3#95% (RDM+:cmRtazp2NZDRKaRbBzOEnf3i3ZLc) 20190211
SentinelOne (Static ML) static engine - malicious 20190203
Symantec ML.Attribute.HighConfidence 20190211
Trapmine malicious.high.ml.score 20190123
VBA32 BScope.Trojan.Refinka 20190211
Webroot W32.Trojan.Emotet 20190211
Acronis 20190208
Ad-Aware 20190211
AegisLab 20190211
Alibaba 20180921
ALYac 20190211
Antiy-AVL 20190211
Arcabit 20190211
Avast 20190211
Avast-Mobile 20190211
Avira (no cloud) 20190211
Babable 20180918
Baidu 20190202
BitDefender 20190211
Bkav 20190201
ClamAV 20190211
CMC 20190211
Comodo 20190211
Cybereason 20190109
Cyren 20190211
DrWeb 20190211
eGambit 20190211
Emsisoft 20190211
ESET-NOD32 20190211
F-Prot 20190211
F-Secure 20190211
Fortinet 20190211
GData 20190211
Sophos ML 20181128
Jiangmin 20190211
K7AntiVirus 20190211
K7GW 20190211
Kaspersky 20190211
Kingsoft 20190211
MAX 20190211
McAfee 20190211
McAfee-GW-Edition 20190211
eScan 20190211
NANO-Antivirus 20190211
Palo Alto Networks (Known Signatures) 20190211
Panda 20190211
Sophos AV 20190211
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190211
Tencent 20190211
TheHacker 20190203
TotalDefense 20190210
TrendMicro 20190211
TrendMicro-HouseCall 20190211
Trustlook 20190211
VIPRE None
ViRobot 20190211
Yandex 20190210
Zillya 20190211
ZoneAlarm by Check Point 20190211
Zoner 20190211
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All r

Product Microsoft® Windows® Operating
Internal name Microsoft
File version 6.1.7600.16385
Description Microsoft DirectMusic Intera
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-11 16:01:19
Entry Point 0x00013273
Number of sections 5
PE sections
PE imports
GetSidSubAuthorityCount
GetCalendarInfoEx
GetLargestConsoleWindowSize
IsSystemResumeAutomatic
GetModuleHandleW
Wow64SetThreadContext
VarCyMulI8
StrChrNW
InitializeSecurityContextW
DdeDisconnectList
TrackPopupMenu
GetCursorInfo
InternetAutodial
towupper
memset
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize
80384

SubsystemVersion
5.0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2001.12.4414.258

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Microsoft DirectMusic Intera

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
399360

EntryPoint
0x13273

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All r

FileVersion
6.1.7600.16385

TimeStamp
2019:02:11 17:01:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Microsoft

ProductVersion
6.1.7600.16

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporati

LegalTrademarks
Microsoft(R) is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation

ProductName
Microsoft Windows Operating

ProductVersionNumber
3.1.0.4414

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 8f328da6be2e83996d9c76bb561f253b
SHA1 a507b204be3e6ead33a262da95048f7360f61a46
SHA256 1303b0c13c92b3e003b1e4616e12f27172484dc508babc8bf119ee9948de3dcb
ssdeep
3072:F3QXC39MkymvzNTrLdeXIvaZVqn6pp63e1d9bVuD97KxQ372Zn5o0gM9s0ZIZ+QQ:t725O0dZIZ+NQM+FcioY

authentihash 0b2c903ee49fc8c0eac109a32b4ae22554ab519e92ff5a167c338bf23adc0b4e
imphash 5445a10832bcd234c17f183dd1f7b4a3
File size 461.5 KB ( 472576 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2019-02-11 16:08:20 UTC ( 1 month, 1 week ago )
Last submission 2019-02-12 00:50:13 UTC ( 1 month, 1 week ago )
File names SqBDrxvVC.exe
tO35ukFYibG.exe
aQUWrPZH0.exe
I7lfmcCqL.exe
ID69LlnnFItL.exe
RFbXem3zMhnK.exe
xo5bnX7r.exe
Microsoft
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!