× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 18561d45ef19f4488981d59fee80a6e39156f4ea37356a5a3dd9b2b7f08f7361
File name: qA5nuJpDxFa48hljvGR.exe
Detection ratio: 34 / 68
Analysis date: 2018-11-04 13:19:43 UTC ( 2 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40674241 20181104
AhnLab-V3 Trojan/Win32.Emotet.R242486 20181104
ALYac Trojan.GenericKD.40674241 20181104
Arcabit Trojan.Generic.D26CA3C1 20181104
Avast Win32:BankerX-gen [Trj] 20181104
AVG Win32:BankerX-gen [Trj] 20181104
BitDefender Trojan.GenericKD.40674241 20181104
Bkav HW32.Packed. 20181102
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.0f75ea 20180225
Cylance Unsafe 20181104
Emsisoft Trojan.GenericKD.40674241 (B) 20181104
Endgame malicious (high confidence) 20180730
ESET-NOD32 Win32/Emotet.BR 20181104
F-Secure Trojan.GenericKD.40674241 20181104
Fortinet W32/Emotet.BR!tr 20181104
GData Trojan.GenericKD.40674241 20181104
Ikarus Trojan.Win32.Krypt 20181104
Sophos ML heuristic 20180717
K7GW Trojan ( 005403fc1 ) 20181104
Kaspersky Trojan-Banker.Win32.Emotet.bnsf 20181104
Malwarebytes Trojan.Emotet 20181104
MAX malware (ai score=99) 20181104
McAfee RDN/Generic.dx 20181104
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181104
Microsoft Trojan:Win32/Emotet.AC!bit 20181104
eScan Trojan.GenericKD.40674241 20181104
Palo Alto Networks (Known Signatures) generic.ml 20181104
Qihoo-360 HEUR/QVM20.1.F037.Malware.Gen 20181104
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/Generic-S 20181104
Symantec Trojan.Emotet 20181103
Webroot W32.Trojan.Emotet 20181104
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bnsf 20181104
AegisLab 20181104
Alibaba 20180921
Antiy-AVL 20181104
Avast-Mobile 20181104
Avira (no cloud) 20181104
Babable 20180918
Baidu 20181102
CAT-QuickHeal 20181104
ClamAV 20181104
CMC 20181104
Cyren 20181104
DrWeb 20181104
eGambit 20181104
F-Prot 20181104
Jiangmin 20181104
K7AntiVirus 20181104
Kingsoft 20181104
NANO-Antivirus 20181104
Panda 20181104
Rising 20181104
SUPERAntiSpyware 20181031
Symantec Mobile Insight 20181030
TACHYON 20181104
Tencent 20181104
TheHacker 20181104
TotalDefense 20181104
TrendMicro 20181104
TrendMicro-HouseCall 20181104
Trustlook 20181104
VBA32 20181102
VIPRE 20181104
ViRobot 20181104
Yandex 20181102
Zillya 20181102
Zoner 20181104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name ttggv (3
File version 1.0
Description ToggleView
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-27 17:30:04
Entry Point 0x000033B0
Number of sections 6
PE sections
PE imports
AllocateLocallyUniqueId
IsValidSecurityDescriptor
FrameRgn
DeleteColorSpace
SetTextJustification
GetStretchBltMode
BitBlt
ExtSelectClipRgn
UnrealizeObject
GetNamedPipeClientProcessId
QueryThreadCycleTime
ZombifyActCtx
IsSystemResumeAutomatic
GetCommandLineW
GetLogicalProcessorInformation
GetThreadLocale
GetCommMask
EscapeCommFunction
TzSpecificLocalTimeToSystemTime
FindFirstFileNameW
VarBstrCat
ToUnicodeEx
GetListBoxInfo
SetWindowContextHelpId
DdeEnableCallback
IsGUIThread
GetPhysicalCursorPos
GetCursorPos
GetMenuDefaultItem
GetThreadDesktop
CoLoadLibrary
CoUninitialize
OleDestroyMenuDescriptor
Number of PE resources by type
RT_STRING 3
RT_VERSION 1
Number of PE resources by language
NORWEGIAN BOKMAL 4
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
13.0

ImageVersion
0.1

FileSubtype
0

FileVersionNumber
1.6.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ToggleView

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
147456

EntryPoint
0x33b0

OriginalFileName
ttggv.exe

MIMEType
application/octet-stream

FileVersion
1.0

TimeStamp
2013:07:27 18:30:04+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ttggv (3

ProductVersion
1.0

SubsystemVersion
5.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Micro

CodeSize
12288

ProductName
Microsoft

ProductVersionNumber
1.6.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 f6798e6c0e49c66d080dce61f66c3afc
SHA1 dfcfc900f75eae64e54f88fec164f156dd9b88f4
SHA256 18561d45ef19f4488981d59fee80a6e39156f4ea37356a5a3dd9b2b7f08f7361
ssdeep
3072:4OoZDVSLX4EIjTnel68Ys3PlNtb3KYpBi0jCa:cZSMHXnm68d4YpB1j

authentihash 974b37b4d90e6ca3f8739582ef8f8771bda759b822d8c24ff1d924cd06ae1033
imphash 6cf73b2a760be18be3c7d24971032226
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-02 13:50:57 UTC ( 2 months, 2 weeks ago )
Last submission 2018-11-02 13:50:57 UTC ( 2 months, 2 weeks ago )
File names ttggv (3
qA5nuJpDxFa48hljvGR.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!