× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 22adbef24138c0946ae0b4d6415bf9e956245eb328b074d7e79ede22c8663a5e
File name: Note.exe
Detection ratio: 32 / 71
Analysis date: 2019-01-16 14:13:59 UTC ( 4 months, 1 week ago ) View latest
Antivirus Result Update
AVG Win32:Trojan-gen 20190116
Avira (no cloud) TR/Kryptik.tqqjr 20190116
Comodo Malware@#1v349z9ldnten 20190116
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cybereason malicious.2a6b95 20190109
Cylance Unsafe 20190116
Cyren W32/Trojan.YPYE-7921 20190116
DrWeb Trojan.PWS.Banker1.26525 20190116
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of MSIL/Kryptik.KLH 20190116
Fortinet W32/Generic.KLH!tr 20190116
GData Win32.Trojan-Stealer.FormBook.C6JBDJ 20190116
Ikarus Trojan.MSIL.Crypt 20190116
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0052c22b1 ) 20190116
K7GW Trojan ( 0052c22b1 ) 20190116
Kaspersky HEUR:Trojan.Win32.Generic 20190116
Malwarebytes Spyware.PasswordStealer.MSIL.Generic 20190116
MAX malware (ai score=100) 20190116
McAfee Vawtrak-FAG!B67B179780E1 20190116
McAfee-GW-Edition Vawtrak-FAG!B67B179780E1 20190116
Microsoft Trojan:Win32/Dynamer!ac 20190116
Palo Alto Networks (Known Signatures) generic.ml 20190116
Panda Trj/GdSda.A 20190116
Qihoo-360 Win32/Trojan.164 20190116
Rising Trojan.Kryptik!8.8 (CLOUD) 20190116
SentinelOne (Static ML) static engine - malicious 20181223
Symantec ML.Attribute.HighConfidence 20190116
Tencent Win32.Trojan.Inject.Auto 20190116
Trapmine malicious.high.ml.score 20190103
TrendMicro-HouseCall TROJ_GEN.R020H0CAF19 20190116
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20190116
Acronis 20190116
Ad-Aware 20190116
AegisLab 20190116
AhnLab-V3 20190116
Alibaba 20180921
ALYac 20190116
Antiy-AVL 20190116
Arcabit 20190116
Avast 20190115
Avast-Mobile 20190116
AVware 20180925
Babable 20180918
Baidu 20190116
BitDefender 20190116
Bkav 20190116
CAT-QuickHeal 20190116
ClamAV 20190116
CMC 20190116
eGambit 20190116
Emsisoft 20190116
F-Prot 20190116
F-Secure 20190116
Jiangmin 20190116
Kingsoft 20190116
eScan 20190116
NANO-Antivirus 20190116
Sophos AV 20190116
SUPERAntiSpyware 20190109
TACHYON 20190116
TheHacker 20190115
TotalDefense 20190116
TrendMicro 20190116
Trustlook 20190116
VBA32 20190116
ViRobot 20190115
Webroot 20190116
Yandex 20190116
Zillya 20190115
Zoner 20190116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyleft 1998-2017 by Don HO

Product Notepad++
Original name Note.exe
Internal name Note.exe
File version 7.5.8.0
Description
Comments Notepad++ : a free (GNU) source code editor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-15 16:59:07
Entry Point 0x0007092E
Number of sections 4
.NET details
Module Version ID 84df2c13-f556-4518-ba62-8e5886d88d1b
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
Notepad++ : a free (GNU) source code editor

InitializedDataSize
70656

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
7.5.8.0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

LinkerVersion
6.0

EntryPoint
0x7092e

OriginalFileName
Note.exe

MIMEType
application/octet-stream

LegalCopyright
Copyleft 1998-2017 by Don HO

FileVersion
7.5.8.0

TimeStamp
2019:01:15 17:59:07+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Note.exe

ProductVersion
7.5.8.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Don HO don.h@free.fr

CodeSize
453120

ProductName
Notepad++

ProductVersionNumber
7.5.8.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
0.0.0.0

File identification
MD5 b67b179780e1a286f83bf45659290671
SHA1 2a467ef2a6b953eb2bb02e62af454da7591a6e27
SHA256 22adbef24138c0946ae0b4d6415bf9e956245eb328b074d7e79ede22c8663a5e
ssdeep
12288:q04+qI22sVrTfcsUyG/A8LeKJFdaO9KlZ7aD3UIvk8:L4XI22uayG4Z4XKlkk

authentihash f0cf81b28ad08c4b2cb16e7a1834dc9c9f3b9fb3aa7e9e9886f08be15dd30a6e
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 512.5 KB ( 524800 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (69.4%)
Windows screen saver (12.4%)
Win32 Dynamic Link Library (generic) (6.2%)
Win32 Executable (generic) (4.2%)
Win16/32 Executable Delphi generic (1.9%)
Tags
peexe assembly

VirusTotal metadata
First submission 2019-01-15 23:31:16 UTC ( 4 months, 1 week ago )
Last submission 2019-01-15 23:31:16 UTC ( 4 months, 1 week ago )
File names Note.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!