SHA256: 257a30a9c864a4954dc414e21d0b01eee4ff5ae8890bc2437c999df2fe65c52b
File name: WSJihOpHxUPEA.exe
Detection ratio: 35 / 68
Analysis date: 2018-10-19 18:22:44 UTC ( 4 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31292570 20181019
ALYac Trojan.GenericKD.31292570 20181019
Arcabit Trojan.Generic.D1DD7C9A 20181019
Avast FileRepMalware 20181019
AVG FileRepMalware 20181019
BitDefender Trojan.GenericKD.31292570 20181019
CAT-QuickHeal Trojan.Emotet.X4 20181018
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20181019
Emsisoft Trojan.GenericKD.31292570 (B) 20181019
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLTP 20181019
F-Secure Trojan.GenericKD.31292570 20181019
Fortinet W32/GenKryptik.COJU!tr 20181019
GData Trojan.GenericKD.31292570 20181019
Ikarus Trojan.Win32.Krypt 20181019
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053c2ba1 ) 20181019
K7GW Trojan ( 0053c2ba1 ) 20181019
Kaspersky Trojan-Banker.Win32.Emotet.bjgm 20181019
Malwarebytes Trojan.Emotet 20181019
MAX malware (ai score=100) 20181019
McAfee RDN/Generic.hra 20181019
McAfee-GW-Edition RDN/Generic.hra 20181019
Microsoft Trojan:Win32/Occamy.C 20181019
eScan Trojan.GenericKD.31292570 20181019
Palo Alto Networks (Known Signatures) generic.ml 20181019
Panda Trj/GdSda.A 20181019
Qihoo-360 HEUR/QVM20.1.9967.Malware.Gen 20181019
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20181019
Sophos AV Mal/Generic-S 20181019
Symantec Trojan.Emotet 20181019
Tencent Win32.Trojan-banker.Emotet.Lkdp 20181019
Webroot W32.Trojan.Emotet 20181019
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bjgm 20181019
AegisLab 20181019
AhnLab-V3 20181019
Alibaba 20180921
Antiy-AVL 20181019
Avast-Mobile 20181019
Avira (no cloud) 20181019
Babable 20180918
Baidu 20181019
Bkav 20181019
ClamAV 20181019
CMC 20181019
Cybereason 20180225
Cyren 20181019
DrWeb 20181019
eGambit 20181019
F-Prot 20181019
Jiangmin 20181019
Kingsoft 20181019
NANO-Antivirus 20181019
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181015
Symantec Mobile Insight 20181001
TACHYON 20181019
TheHacker 20181018
TotalDefense 20181018
TrendMicro 20181019
TrendMicro-HouseCall 20181019
Trustlook 20181019
VBA32 20181019
VIPRE 20181019
ViRobot 20181019
Yandex 20181018
Zillya 20181019
Zoner 20181018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 1998-2005 Hauppauge Computer Works
Product HCWTVWND
Original name HCWTVWND.dll
Internal name HCWTVWND
File version 3, 01, 24111 PCI-USB DVBT/S PVR
Description HCWTVWND PCI-USB DVBT/S PVR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-18 03:00:33
Entry Point 0x0007428A
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorControl
ClusterRegDeleteValue
FillRgn
GdiSetBatchLimit
GetTickCount64
SetThreadPriority
OpenWaitableTimerW
IsProcessInJob
Wow64SetThreadContext
GetModuleHandleW
GetBinaryTypeA
GetCurrentThread
UnhookWinEvent
IsZoomed
SetDoubleClickTime
UnpackDDElParam
GetFocus
GetNextDlgTabItem
SCardGetProviderIdA
strlen
MonikerRelativePathTo
CoRegisterClassObject
Number of PE resources by type
RT_DIALOG 3
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 3.1.24111.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription HCWTVWND PCI-USB DVBT/S PVR
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 25600
EntryPoint 0x7428a
OriginalFileName HCWTVWND.dll
MIMEType application/octet-stream
LegalCopyright Copyright 1998-2005 Hauppauge Computer Works
FileVersion 3, 01, 24111 PCI-USB DVBT/S PVR
TimeStamp 2018:10:17 20:00:33-07:00
FileType Win32 EXE
PEType PE32
InternalName HCWTVWND
ProductVersion 3, 01, 24111 PCI-USB DVBT/S PVR
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Hauppauge Computer Works
CodeSize 476672
ProductName HCWTVWND
ProductVersionNumber 3.1.24111.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 a25db86a2852b3cd442619f3ddd708d7
SHA1 c68dc5bb4cf05c078e0fb4b3b8f68b1f9cab3861
SHA256 257a30a9c864a4954dc414e21d0b01eee4ff5ae8890bc2437c999df2fe65c52b
ssdeep 3072:yKS541lzLIU+zR640xBTwTwtSDxNKQULtgc/xn:hNZIU+l640x5Uwt4cHBg
authentihash 038589bebbc5f16fca53bcefef82fc3dbcedd9fc622f21145a0a3b847835f403
imphash 3d97a5fc09d51681e025d55214d14414
File size 485.5 KB ( 497152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-10-18 03:10:40 UTC ( 4 months ago )
Last submission 2018-10-18 03:10:40 UTC ( 4 months ago )
File names HCWTVWND
WSJihOpHxUPEA.exe
HCWTVWND.dll