SHA256: 1ca1dd616026d66bac9a8ae62813663f36cad2a7b8908f7a0ede3279c9dcd628
File name: 1ca1dd616026d66bac9a8ae62813663f36cad2a7b8908f7a0ede3279c9dcd628
Detection ratio: 20 / 69
Analysis date: 2018-12-15 12:02:13 UTC ( 2 months, 1 week ago )
Antivirus Result Update
AVG FileRepMalware 20181215
Bkav HW32.Packed. 20181214
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.ad0f7a 20180225
Cylance Unsafe 20181215
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
K7AntiVirus Spyware ( 005068aa1 ) 20181215
K7GW Spyware ( 005068aa1 ) 20181215
Kaspersky UDS:DangerousObject.Multi.Generic 20181215
McAfee-GW-Edition BehavesLike.Win32.Generic.ch 20181215
Microsoft Trojan:Win32/Emotet.AC!bit 20181215
Palo Alto Networks (Known Signatures) generic.ml 20181215
Qihoo-360 HEUR/QVM20.1.E13D.Malware.Gen 20181215
Rising Trojan.Fuerboos!8.EFC8 (TFE:dGZlOgJHFPKNzEd+lQ) 20181214
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181215
Trapmine malicious.moderate.ml.score 20181205
Webroot W32.Trojan.Emotet 20181215
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181215
Ad-Aware 20181215
AegisLab 20181214
AhnLab-V3 20181214
Alibaba 20180921
Antiy-AVL 20181215
Arcabit 20181215
Avast 20181215
Avast-Mobile 20181215
Avira (no cloud) 20181215
Babable 20180918
Baidu 20181207
BitDefender 20181215
CAT-QuickHeal 20181214
ClamAV 20181215
CMC 20181215
Comodo 20181215
Cyren 20181215
DrWeb 20181215
eGambit 20181215
Emsisoft 20181215
ESET-NOD32 20181215
F-Prot 20181215
F-Secure 20181213
Fortinet 20181215
GData 20181215
Ikarus 20181215
Jiangmin 20181215
Kingsoft 20181215
Malwarebytes 20181215
MAX 20181215
McAfee 20181215
eScan 20181215
NANO-Antivirus 20181215
Panda 20181215
Sophos AV 20181215
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181214
Tencent 20181215
TheHacker 20181213
TotalDefense 20181215
TrendMicro 20181215
TrendMicro-HouseCall 20181215
Trustlook 20181215
VBA32 20181214
VIPRE 20181214
ViRobot 20181214
Yandex 20181214
Zillya 20181213
Zoner 20181215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-15 17:31:06
Entry Point 0x00006D24
Number of sections 4
PE sections
PE imports
GetColorAdjustment
GetTempFileNameW
GetModuleHandleW
VarCyRound
PackDDElParam
waveOutReset
Ord(30)
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:12:15 09:31:06-08:00

FileType
Win32 EXE

PEType
PE32

CodeSize
32768

LinkerVersion
12.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x6d24

InitializedDataSize
114688

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 193a503802e4aea2acdcd4497e1df8bd
SHA1 dd32c58ad0f7a6beefbd5201d95db9983116c6d1
SHA256 1ca1dd616026d66bac9a8ae62813663f36cad2a7b8908f7a0ede3279c9dcd628
ssdeep
1536:gJ4cJB+kVSRojQ0vG0RxwWdDciNkb08Thw62g1RcXJS7ceiA+C5sspNFyrMlywc3:gJhJgkOQvBfRNlbaXcXAYFs3pNIe7i

authentihash a337d04feae8c9cd664173bad0bd53efef0e6b5a5d8d36389fee9b6e9e7ab11c
imphash 30352c52ddac6be0b95b67715c74a7e0
File size 144.0 KB ( 147456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-15 09:33:32 UTC ( 2 months, 1 week ago )
Last submission 2018-12-22 06:44:38 UTC ( 2 months ago )
File names output.114713624.txt
193a503802e4aea2acdcd4497e1df8bd
32.exe
4.exe