SHA256: 1764d60b32586d490912e5ff8ab32304425fe37ae4e59fda062dd9d0627c8bfe
File name: 258357907.exe
Detection ratio: 45 / 66
Analysis date: 2018-06-01 19:31:47 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.337280 20180601
AegisLab Ml.Attribute.Gen!c 20180601
AhnLab-V3 Trojan/Win32.Emotet.R229382 20180601
ALYac Gen:Variant.Razy.337280 20180601
Antiy-AVL Trojan/Win32.TSGeneric 20180601
Arcabit Trojan.Razy.D52580 20180601
Avast Win32:Malware-gen 20180601
AVG Win32:Malware-gen 20180601
Avira (no cloud) HEUR/AGEN.1010784 20180601
AVware Trojan.Win32.Generic!BT 20180601
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9938 20180601
BitDefender Gen:Variant.Razy.337280 20180601
CAT-QuickHeal Trojan.Fuerboos 20180601
ClamAV Win.Trojan.Agent-6566084-0 20180601
Cylance Unsafe 20180601
Cyren W32/Trojan.DJSC-9301 20180601
DrWeb Trojan.EmotetENT.222 20180601
Emsisoft Gen:Variant.Razy.337280 (B) 20180601
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Kryptik.GHER 20180601
F-Secure Gen:Variant.Razy.337280 20180601
Fortinet W32/Kryptik.GHER!tr 20180601
GData Win32.Trojan-Spy.Emotet.QU 20180601
Ikarus Trojan-Banker.Emotet 20180601
Sophos ML heuristic 20180601
K7GW Hacktool ( 700007861 ) 20180601
Kaspersky Trojan-Banker.Win32.Emotet.apqo 20180601
Malwarebytes Trojan.Emotet 20180601
MAX malware (ai score=95) 20180601
McAfee RDN/Generic.grp 20180601
McAfee-GW-Edition RDN/Generic.grp 20180601
Microsoft Trojan:Win32/Tiggre!plock 20180601
eScan Gen:Variant.Razy.337280 20180601
Palo Alto Networks (Known Signatures) generic.ml 20180601
Panda Trj/GdSda.A 20180601
Qihoo-360 Win32/Trojan.46c 20180601
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANX 20180601
Symantec Trojan.Gen.2 20180601
TrendMicro TROJ_GEN.R03FC0OEV18 20180601
TrendMicro-HouseCall TROJ_GEN.R03FC0OEV18 20180601
VBA32 BScope.Trojan.Emotet 20180601
ViRobot Trojan.Win32.Z.Emotet.196608.U 20180601
Webroot W32.Trojan.Gen 20180601
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.apqo 20180601
Alibaba 20180601
Avast-Mobile 20180601
Babable 20180406
Bkav 20180601
CMC 20180601
Comodo 20180601
CrowdStrike Falcon (ML) 20180202
Cybereason None
eGambit 20180601
F-Prot 20180601
Jiangmin 20180601
K7AntiVirus 20180601
Kingsoft 20180601
NANO-Antivirus 20180601
nProtect 20180601
Rising 20180601
SUPERAntiSpyware 20180601
Symantec Mobile Insight 20180601
Tencent 20180601
TheHacker 20180531
TotalDefense 20180601
Trustlook 20180601
VIPRE 20180601
Yandex 20180529
Zillya 20180601
Zoner 20180531
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Visual Studio® 2015
Original name MFC140DEU.DLL
Internal name MFC140DEU.DLL
File version 14.0.23026.0 built by: WCSETUP
Description MFC Language Specific Resources
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2028-12-25 04:27:37
Entry Point 0x000286BD
Number of sections 5
PE sections
PE imports
CreateWaitableTimerW
GetCurrentProcess
ApplicationRecoveryFinished
GetNumberFormatA
GetConsoleCP
ClearCommBreak
FlsGetValue
FreeConsole
FlsFree
SetDynamicTimeZoneInformation
FindFirstVolumeW
LZSeek
VarCyFix
VarUI4FromUI8
SetActivePwrScheme
SetupDiGetDeviceInstanceIdW
SHCopyKeyW
SHSetValueW
StrCpyNW
GetSysColor
GetAncestor
GetUpdatedClipboardFormats
SetScrollInfo
waveOutGetErrorTextW
GetPrinterDataExW
SCardForgetCardTypeW
SCardDisconnect
tolower
toupper
STGMEDIUM_UserMarshal
OleConvertOLESTREAMToIStorage
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
GERMAN 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 28672
ImageVersion 0.0
ProductName Microsoft Visual Studio 2015
FileVersionNumber 14.0.23026.0
LanguageCode German
FileFlagsMask 0x003f
FileDescription MFC Language Specific Resources
CharacterSet Unicode
LinkerVersion 12.165
FileTypeExtension exe
OriginalFileName MFC140DEU.DLL
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 14.0.23026.0 built by: WCSETUP
TimeStamp 2028:12:25 05:27:37+01:00
FileType Win32 EXE
PEType PE32
InternalName MFC140DEU.DLL
ProductVersion 14.0.23026.0
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
LegalCopyright Microsoft Corporation. All rights reserved.
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 0
FileSubtype 0
ProductVersionNumber 14.0.23026.0
EntryPoint 0x286bd
ObjectFileType Dynamic link library
File identification
MD5 61ce2c145b19e952e28ee3643332c525
SHA1 5d34ccf8db17a191166da6bc016c0d7a31f33cc1
SHA256 1764d60b32586d490912e5ff8ab32304425fe37ae4e59fda062dd9d0627c8bfe
ssdeep 3072:xgndJ6co+JPrJ27QLo3dPOow0VzR2434F:xgnVvJA0uPOovVzR2
authentihash 3e0e9c55cf1a99470e1ec288615c333cd042ea10c744410fbb8225c4dd141300
imphash 9262ba2edbc4acdf91afb66ab08747a9
File size 192.0 KB ( 196608 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-05-30 08:58:39 UTC ( 8 months, 3 weeks ago )
Last submission 2018-06-21 03:52:47 UTC ( 8 months ago )
File names 258357907.exe
MFC140DEU.DLL
43345817.exe