SHA256: 14e0a703ecc189ec2c8e60651cd17cec84e4e0fdbc8fade10ddafdb1747581b9
File name: dESne.exe
Detection ratio: 26 / 66
Analysis date: 2017-10-19 06:01:41 UTC ( 8 months, 1 week ago )
Antivirus Result Update
AegisLab W32.Troj.Spy!c 20171019
Avast FileRepMalware 20171019
AVG FileRepMalware 20171019
Avira (no cloud) TR/AD.Emotet.usimj 20171019
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20171019
BitDefender Trojan.GenericKD.6128216 20171019
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170804
Cylance Unsafe 20171019
Endgame malicious (high confidence) 20171016
ESET-NOD32 a variant of Win32/Kryptik.FXWK 20171019
Fortinet W32/Kryptik.FXWK!tr 20171019
GData Win32.Trojan-Spy.Emotet.DU 20171019
Ikarus Win32.Outbreak 20171018
Sophos ML heuristic 20170914
K7GW Trojan ( 00519ac11 ) 20171019
Kaspersky UDS:DangerousObject.Multi.Generic 20171019
Malwarebytes Trojan.Emotet.Generic 20171019
McAfee Artemis!AC99F8F7E2F5 20171019
McAfee-GW-Edition BehavesLike.Win32.Virut.cc 20171018
Palo Alto Networks (Known Signatures) generic.ml 20171019
Qihoo-360 HEUR/QVM20.1.9877.Malware.Gen 20171019
SentinelOne (Static ML) static engine - malicious 20171001
Sophos AV Mal/EncPk-ANR 20171019
TrendMicro-HouseCall Suspicious_GEN.F47V1019 20171019
Webroot W32.Trojan.Emotet 20171019
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20171019
Ad-Aware 20171019
AhnLab-V3 20171018
Alibaba 20170911
ALYac 20171019
Antiy-AVL 20171019
Arcabit 20171019
Avast-Mobile 20171018
AVware 20171019
Bkav 20171019
CAT-QuickHeal 20171018
ClamAV 20171019
CMC 20171018
Comodo 20171019
Cyren 20171019
eGambit 20171019
Emsisoft 20171019
F-Prot 20171019
F-Secure 20171019
Jiangmin 20171019
K7AntiVirus 20171017
Kingsoft 20171019
MAX 20171019
Microsoft 20171018
eScan 20171019
NANO-Antivirus 20171019
nProtect 20171019
Panda 20171018
Rising 20171019
SUPERAntiSpyware 20171019
Symantec 20171018
Symantec Mobile Insight 20171011
Tencent 20171019
TheHacker 20171017
TotalDefense 20171019
TrendMicro 20171019
Trustlook 20171019
VBA32 20171018
VIPRE 20171019
ViRobot 20171019
WhiteArmor 20171016
Yandex 20171018
Zillya 20171018
Zoner 20171019
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Windows® Operating System
Original name D3D10Level9.dll
Internal name D3D10Level9.dll
File version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Description Direct3D 10 to Direct3D9 Translation Runtime
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-19 10:40:55
Entry Point 0x00001A90
Number of sections 7
PE sections
PE imports
OpenSCManagerW
CreateFontW
AreFileApisANSI
ConvertFiberToThread
GetTimeFormatW
RaiseException
GetConsoleAliasA
LocalAlloc
LocalFree
GetCommandLineW
FreeLibrary
UnregisterApplicationRestart
RegisterApplicationRestart
GetCurrentProcess
InterlockedExchange
GetCommandLineA
GlobalLock
GetProcAddress
LoadLibraryA
GetLastError
Ord(30)
Number of PE resources by type
HWB 5
RT_VERSION 1
Number of PE resources by language
ENGLISH US 6
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.1
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.7601.17514
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 26752
EntryPoint 0x1a90
OriginalFileName D3D10Level9.dll
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 6.1.7601.17514 (win7sp1_rtm.101119-1850)
TimeStamp 2017:10:19 11:40:55+01:00
FileType Win32 EXE
PEType PE32
InternalName D3D10Level9.dll
ProductVersion 6.1.7601.17514
FileDescription Direct3D 10 to Direct3D9 Translation Runtime
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 18944
ProductName Microsoft Windows Operating System
ProductVersionNumber 6.1.7601.17514
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 ac99f8f7e2f5b4b46f963cb72a767eff
SHA1 00ff05fa2b68cc867efd819350c916caae8abfaf
SHA256 14e0a703ecc189ec2c8e60651cd17cec84e4e0fdbc8fade10ddafdb1747581b9
ssdeep 3072:Hhe/yRhZMglZnCBDDELKzqmQ7gBDusiEFhppJQsC7mWyaPaLU2dsZTreQ2:Be/GhZMglZnCBDDELKzqmQ7gBDusiEtC
authentihash 87cf916c54b92741b9ca54000bb175614db767a4a54c776c223344f87cbe3c5a
imphash 9544d8838589ef43b4a65c245b063ff3
File size 153.5 KB ( 157184 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2017-10-19 01:48:43 UTC ( 8 months, 1 week ago )
Last submission 2017-11-18 12:59:48 UTC ( 7 months, 1 week ago )
File names dESne.exe
D3D10Level9.dll