SHA256: 25006d39f4308073d78791fc6be2f5bad03bcfad2a65da1dd449605a8f38a96b
File name: a0390f0e45151596b0c6925c97ff053e.virus
Detection ratio: 41 / 70
Analysis date: 2019-01-08 01:57:25 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKDS.31475704 20190107
AhnLab-V3 Trojan/Win32.Emotet.R250874 20190107
ALYac Trojan.Autoruns.GenericKDS.31475704 20190107
Arcabit Trojan.Autoruns.GenericS.D1E047F8 20190107
Avast Win32:BankerX-gen [Trj] 20190107
AVG Win32:BankerX-gen [Trj] 20190107
BitDefender Trojan.Autoruns.GenericKDS.31475704 20190107
Bkav HW32.Packed. 20190107
Comodo Malware@#eveg7f0j7yy4 20190107
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.e45151 20180225
Cylance Unsafe 20190108
Cyren W32/Trojan.TBKL-1567 20190107
Emsisoft Trojan.Autoruns.GenericKDS.31475704 (B) 20190107
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOIA 20190108
F-Secure Trojan.Autoruns.GenericKDS.31475704 20190108
Fortinet W32/Kryptik.GOIA!tr 20190108
GData Trojan.Autoruns.GenericKDS.31475704 20190108
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 00544eec1 ) 20190108
K7GW Trojan ( 00544eec1 ) 20190108
Kaspersky Trojan-Banker.Win32.Emotet.bxty 20190108
MAX malware (ai score=81) 20190108
McAfee Artemis!A0390F0E4515 20190108
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20190108
Microsoft Trojan:Win32/Emotet 20190108
eScan Trojan.Autoruns.GenericKDS.31475704 20190108
Palo Alto Networks (Known Signatures) generic.ml 20190108
Panda Trj/RnkBend.A 20190107
Qihoo-360 HEUR/QVM20.1.41CD.Malware.Gen 20190108
Rising Trojan.Kryptik!8.8 (TFE:dGZlOgGKDUnPIVMaKg) 20190108
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/Generic-S 20190108
Symantec Trojan.Gen.2 20190107
Trapmine malicious.high.ml.score 20190103
TrendMicro TROJ_GEN.R020C0WA519 20190107
TrendMicro-HouseCall TROJ_GEN.R020C0WA519 20190107
VBA32 BScope.Trojan.Refinka 20190104
Webroot W32.Trojan.Emotet 20190108
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bxty 20190107
Acronis 20181227
AegisLab 20190107
Alibaba 20180921
Antiy-AVL 20190107
Avast-Mobile 20190107
Avira (no cloud) 20190107
Babable 20180918
Baidu 20190107
CAT-QuickHeal 20190107
ClamAV 20190107
CMC 20190107
DrWeb 20190107
eGambit 20190108
F-Prot 20190108
Ikarus 20190108
Jiangmin 20190107
Kingsoft 20190108
NANO-Antivirus 20190108
SUPERAntiSpyware 20190102
TACHYON 20190107
Tencent 20190108
TheHacker 20190106
TotalDefense 20190107
Trustlook 20190108
VIPRE 20190107
ViRobot 20190107
Yandex 20181229
Zillya 20190105
Zoner 20190107
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microso
Product Mi
Internal name kbds
File version 6.1.7600.1
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x00002A28
Number of sections 8
PE sections
PE imports
SetSecurityDescriptorControl
GetSecurityDescriptorControl
CreateHalftonePalette
GetUserDefaultLCID
VerifyScripts
GetModuleHandleW
SetSystemPowerState
SetFileIoOverlappedRange
NetLocalGroupGetInfo
VarI4FromCy
RpcBindingSetAuthInfoW
ShellAboutW
PathIsSameRootW
GetForegroundWindow
DefWindowProcW
PostQuitMessage
SetWindowPos
ToUnicodeEx
BeginDeferWindowPos
RegisterClassExW
DdeAddData
CharUpperW
ChildWindowFromPoint
GetDC
GetCursorPos
GetDlgCtrlID
CheckMenuItem
RemoveClipboardFormatListener
GetTitleBarInfo
GetSystemMetrics
GetWindowPlacement
ShutdownBlockReasonCreate
GetClientRect
DispatchMessageW
ScreenToClient
InvalidateRect
IsClipboardFormatAvailable
GetMenuState
GetRawInputBuffer
LoadCursorW
GetFocus
CreateWindowExW
LoadAcceleratorsW
GetWindowLongW
CloseClipboard
DestroyWindow
GetAncestor
OpenClipboard
CryptCATAdminAcquireContext
setsockopt
iswlower
RtlFirstEntrySList
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize 46080
UninitializedDataSize 0
LinkerVersion 15.255
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.4.20030.62408
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 111104
EntryPoint 0x2a28
MIMEType application/octet-stream
LegalCopyright Microso
FileVersion 6.1.7600.1
TimeStamp 2004:08:04 08:56:09+01:00
FileType Win32 EXE
PEType PE32
InternalName kbds
ProductVersion 6.1.7600.163
SubsystemVersion 5.1
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corp
LegalTrademarks Mozilla, Netscape
ProductName Mi
ProductVersionNumber 1.4.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 a0390f0e45151596b0c6925c97ff053e
SHA1 9b3bc12c561302d6952b6d7b7ede9a78c08d554d
SHA256 25006d39f4308073d78791fc6be2f5bad03bcfad2a65da1dd449605a8f38a96b
ssdeep 3072:T9ZoklezQ/HdMbVbeJCRCx7uJpqJyoHiHNIn:T9ZheM/SbV6JUCxCJpGiHNI
authentihash 4d3e5cae69bd05a08fb966245ad76b39cb477c36d5ae4a950f6ca48d4bb327b5
imphash 07d7362976ce0da296ecaffa41d79a6b
File size 117.5 KB ( 120320 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2019-01-07 09:50:22 UTC ( 1 month, 1 week ago )
Last submission 2019-01-07 09:50:22 UTC ( 1 month, 1 week ago )
File names kbds
a0390f0e45151596b0c6925c97ff053e.virus