SHA256: 214ce17f074de0c4f5a8bc0b35cc23d8c890704e28694c3a4c360c1ab034c15a
File name: 30077b1e3c256aaa2d9d503025fbec7a
Detection ratio: 55 / 70
Analysis date: 2018-12-16 09:57:08 UTC ( 2 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40760242 20181216
AhnLab-V3 Malware/Win32.Generic.C2832443 20181216
ALYac Trojan.GenericKD.40760242 20181216
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181216
Arcabit Trojan.Generic.D26DF3B2 20181216
Avast Win32:BankerX-gen [Trj] 20181216
AVG Win32:BankerX-gen [Trj] 20181216
Avira (no cloud) HEUR/AGEN.1037186 20181216
BitDefender Trojan.GenericKD.40760242 20181216
Bkav HW32.Packed. 20181214
CAT-QuickHeal Trojan.Drixed.100407 20181215
ClamAV Win.Malware.Emotet-6746185-0 20181216
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.e3c256 20180225
Cylance Unsafe 20181216
Cyren W32/Emotet.IV.gen!Eldorado 20181216
DrWeb Trojan.EmotetENT.294 20181216
Emsisoft Trojan.GenericKD.40760242 (B) 20181216
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GMRH 20181216
F-Prot W32/Emotet.IV.gen!Eldorado 20181216
F-Secure Trojan.GenericKD.40760242 20181216
Fortinet W32/Kryptik.GNLA!tr 20181216
GData Win32.Trojan-Spy.Emotet.TM 20181216
Ikarus Trojan-Banker.Emotet 20181216
Sophos ML heuristic 20181128
Jiangmin Trojan.Banker.Emotet.dwh 20181216
K7AntiVirus Trojan ( 0053b6a31 ) 20181216
K7GW Trojan ( 0053b6a31 ) 20181216
Kaspersky Trojan-Banker.Win32.Emotet.bpmr 20181216
Malwarebytes Trojan.Emotet 20181216
MAX malware (ai score=86) 20181216
McAfee Emotet-FKC!30077B1E3C25 20181216
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181216
Microsoft Trojan:Win32/Emotet.C 20181216
eScan Trojan.GenericKD.40760242 20181216
NANO-Antivirus Trojan.Win32.Emotet.fkhsaj 20181216
Palo Alto Networks (Known Signatures) generic.ml 20181216
Panda Trj/Genetic.gen 20181215
Qihoo-360 Win32/Trojan.52d 20181216
Rising Trojan.Kryptik!8.8 (TFE:1:OlBDinbOayE) 20181216
Sophos AV Mal/EncPk-ANY 20181216
Symantec Trojan.Gen.2 20181215
TACHYON Banker/W32.Emotet.147456.M 20181214
Tencent Win32.Trojan-banker.Emotet.Lewd 20181216
Trapmine malicious.moderate.ml.score 20181205
TrendMicro TSPY_EMOTET.THAAAEAH 20181216
TrendMicro-HouseCall TSPY_EMOTET.THAAAEAH 20181216
VBA32 Malware-Cryptor.Limpopo 20181214
VIPRE LooksLike.Win32.Dridex.e (v) 20181216
ViRobot Trojan.Win32.Z.Emotet.147456.N 20181215
Webroot W32.Trojan.Emotet 20181216
Yandex Trojan.PWS.Emotet! 20181214
Zillya Trojan.Emotet.Win32.7463 20181215
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bpmr 20181216
AegisLab 20181214
Alibaba 20180921
Avast-Mobile 20181215
Babable 20180918
Baidu 20181207
CMC 20181216
Comodo 20181216
eGambit 20181216
Kingsoft 20181216
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TheHacker 20181213
TotalDefense 20181215
Trustlook 20181216
Zoner 20181216
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft
Product Sola Plug-in
Original name msiltcfg.dl
Internal name Aban Plug-in
File version 1, 4, 2, 50
Description Window I Stub
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1995-06-10 08:02:18
Entry Point 0x00001630
Number of sections 6
PE sections
PE imports
CloseServiceHandle
QueryUsersOnEncryptedFile
ImageList_Draw
CertAddStoreToCollection
SetBitmapBits
SwapBuffers
CloseEnhMetaFile
SetViewportOrgEx
GetSystemTime
SetupComm
UnlockFile
GetThreadPriority
ReleaseMutex
GlobalAlloc
GetCommandLineA
AllocConsole
GlobalMemoryStatusEx
GetCommMask
GetNumberOfConsoleMouseButtons
FindFirstFileNameTransactedW
VARIANT_UserMarshal
VarI2FromDate
NdrConformantArrayBufferSize
StrToIntW
IsClipboardFormatAvailable
DestroyAcceleratorTable
SetMenuItemBitmaps
IsDlgButtonChecked
DrawIcon
IsZoomed
GetWindowDC
GetMenuCheckMarkDimensions
SetProcessWindowStation
wsprintfW
CheckDlgButton
CryptCATAdminEnumCatalogFromHash
Number of PE resources by type
RT_DIALOG 20
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

ProductName
Sola Plug-in

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
143360

FileTypeExtension
exe

OriginalFileName
msiltcfg.dl

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

Subsystem
Windows GUI

FileExtents
|||||

PEType
PE32

FileVersion
1, 4, 2, 50

TimeStamp
1995:06:10 01:02:18-07:00

FileType
Win32 EXE

FileOpenName
Aban Applet|JavaBeans|Sola Applet|SolaBeans|Sola Applet|SolaBeans

InternalName
Aban Plug-in

SubsystemVersion
5.0

ProductVersion
1, 4, 2, 50

FileDescription
Window I Stub

OSVersion
5.0

FileOS
Win32

LegalCopyright
Microsoft

MachineType
Intel 386 or later, and compatibles

CompanyName
AbanSoft / Sun Microsystems, Inc.

CodeSize
8192

FileSubtype
0

ProductVersionNumber
1.4.2.50

EntryPoint
0x1630

ObjectFileType
Dynamic link library

File identification
MD5 30077b1e3c256aaa2d9d503025fbec7a
SHA1 ba0ae2e2b6f2cdbae66962370b261f730bb34155
SHA256 214ce17f074de0c4f5a8bc0b35cc23d8c890704e28694c3a4c360c1ab034c15a
ssdeep 1536:lGlZavSKfd4xo8+2XuykBDm4xUpGCR5K2+s/nC5qVl8I6w6xMcEwnWLZBc0:lSavpf/kw5WPK2BCguqyXnWLvc0
authentihash 28fe80f26cb0bb72959f4476ab705a2a0ed9813ba0e17c30759eb0d607a727f5
imphash 0ecda366e56b3e98483d591c91951776
File size 144.0 KB ( 147456 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-11-14 21:42:38 UTC ( 3 months, 1 week ago )
Last submission 2018-11-14 21:42:38 UTC ( 3 months, 1 week ago )
File names Aban Plug-in
msiltcfg.dl