SHA256: 282d87939edbe0745176ae57a41282c34c8b98775784cd6dcd632906c14485a8
File name: jighfftt.exe
Detection ratio: 9 / 66
Analysis date: 2018-06-04 15:44:34 UTC ( 11 months, 3 weeks ago )
Antivirus Result Update
Avast FileRepMalware 20180604
AVG FileRepMalware 20180604
Bkav W32.eHeur.Malware14 20180604
Endgame malicious (high confidence) 20180507
ESET-NOD32 Win32/TrojanDownloader.Zurgop.DA 20180604
Ikarus Win32.Outbreak 20180604
Palo Alto Networks (Known Signatures) generic.ml 20180604
SentinelOne (Static ML) static engine - malicious 20180225
Symantec ML.Attribute.HighConfidence 20180604
Ad-Aware 20180604
AegisLab 20180604
AhnLab-V3 20180604
Alibaba 20180604
ALYac 20180604
Antiy-AVL 20180604
Arcabit 20180604
Avast-Mobile 20180604
Avira (no cloud) 20180604
AVware 20180604
Babable 20180406
Baidu 20180604
BitDefender 20180604
CAT-QuickHeal 20180604
ClamAV 20180604
CMC 20180604
Comodo 20180604
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cylance 20180604
Cyren 20180604
DrWeb 20180604
eGambit 20180604
Emsisoft 20180604
F-Prot 20180604
F-Secure 20180604
Fortinet 20180604
GData 20180604
Sophos ML 20180601
Jiangmin 20180604
K7AntiVirus 20180604
K7GW 20180604
Kaspersky 20180604
Kingsoft 20180604
Malwarebytes 20180604
MAX 20180604
McAfee 20180604
McAfee-GW-Edition 20180604
Microsoft 20180604
eScan 20180604
NANO-Antivirus 20180604
nProtect 20180604
Panda 20180604
Qihoo-360 20180604
Rising 20180604
Sophos AV 20180604
SUPERAntiSpyware 20180604
Symantec Mobile Insight 20180601
Tencent 20180604
TheHacker 20180531
TotalDefense 20180604
TrendMicro 20180604
TrendMicro-HouseCall 20180604
Trustlook 20180604
VBA32 20180604
VIPRE 20180604
ViRobot 20180604
Webroot 20180604
Yandex 20180529
Zillya 20180604
ZoneAlarm by Check Point 20180604
Zoner 20180604
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c). All rights reserved. Adaptive Biotechnologies

Product Motivates
Original name Motivates
Internal name Motivates
File version 4.4.6.6
Description Suppliers Usercounter Notenote Providing
Comments Suppliers Usercounter Notenote Providing
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-04 02:17:00
Entry Point 0x00025022
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
SetSecurityDescriptorOwner
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
AdjustTokenPrivileges
RegCreateKeyExA
LsaOpenPolicy
RegOpenKeyA
OpenProcessToken
RegQueryValueA
ConvertStringSidToSidA
GetNamedSecurityInfoA
RegOpenKeyExA
LsaSetInformationPolicy
GetTokenInformation
RegEnumKeyA
LsaQueryInformationPolicy
LsaFreeMemory
SetNamedSecurityInfoA
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegSetValueExA
ImpersonateLoggedOnUser
AuthzFreeResourceManager
AuthzInitializeResourceManager
capGetDriverDescriptionA
AVIStreamWrite
GetWindowExtEx
SetMapMode
CreatePen
GetRgnBox
SaveDC
TextOutA
CreateFontIndirectA
CreateRectRgnIndirect
GetClipBox
GetPixel
GetGlyphOutlineA
GetDeviceCaps
OffsetViewportOrgEx
DeleteDC
RestoreDC
GetTextExtentPointA
AddFontResourceExW
SelectObject
StartPage
DeleteObject
SetTextColor
GetObjectA
CreateFontA
CreateEllipticRgn
CreateBitmap
RectVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
SetBkColor
ExtTextOutA
PtVisible
ExtSelectClipRgn
ScaleViewportExtEx
GetBkColor
GetTextExtentPoint32A
GetMapMode
SetWindowExtEx
GetTextColor
CreateSolidBrush
Escape
GetViewportExtEx
SetViewportExtEx
Ellipse
GetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
HeapDestroy
lstrcmpW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetFileTime
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
EnumResourceLanguagesA
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
GlobalHandle
FindClose
InterlockedDecrement
FormatMessageA
GetFullPathNameW
SetLastError
GetModuleFileNameW
GlobalFindAtomA
ExitProcess
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
UnhandledExceptionFilter
TlsGetValue
MultiByteToWideChar
GetModuleHandleA
CreateThread
GlobalAddAtomA
SetUnhandledExceptionFilter
ConvertDefaultLocale
MulDiv
ExitThread
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
VirtualQuery
SetEndOfFile
GetCurrentThreadId
InterlockedIncrement
WriteConsoleW
HeapFree
EnterCriticalSection
SetHandleCount
GetOEMCP
QueryPerformanceCounter
GetTickCount
TlsAlloc
VirtualProtect
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetStartupInfoA
UnlockFile
GetFileSize
GlobalDeleteAtom
SetEvent
GlobalLock
GetProcessHeap
CompareStringW
lstrcpyW
GlobalReAlloc
lstrcmpA
FindFirstFileA
WaitNamedPipeA
lstrcpyA
CompareStringA
DuplicateHandle
GetProcAddress
GlobalAlloc
GetTimeZoneInformation
CreateEventA
IsDebuggerPresent
GetFileType
TlsSetValue
CreateFileA
HeapAlloc
LeaveCriticalSection
GetLastError
LocalReAlloc
LCMapStringW
GetSystemInfo
lstrlenA
GlobalFree
GetConsoleCP
LCMapStringA
GlobalGetAtomNameA
GetThreadLocale
GetEnvironmentStringsW
GlobalUnlock
LockFile
lstrlenW
FileTimeToLocalFileTime
GetEnvironmentStrings
WritePrivateProfileStringA
GetCurrentProcessId
LockResource
WideCharToMultiByte
HeapSize
GetCommandLineA
GetCurrentThread
RaiseException
TlsFree
SetFilePointer
ReadFile
GlobalFlags
CloseHandle
GetACP
GetVersion
FreeResource
FindResourceA
SizeofResource
IsValidCodePage
HeapCreate
VirtualFree
Sleep
OpenEventA
VirtualAlloc
WNetAddConnection2A
NetUserEnum
NetWkstaUserGetInfo
NetApiBufferFree
OleCreateFontIndirect
VariantTimeToSystemTime
SysStringLen
SystemTimeToVariantTime
SysAllocStringLen
VariantChangeType
VariantClear
SysAllocString
SafeArrayDestroy
SafeArrayCreate
VariantCopy
SysFreeString
SysAllocStringByteLen
VariantInit
SHBindToParent
SHGetPathFromIDListW
SHGetFileInfoW
Ord(3)
PathFindExtensionA
PathIsUNCA
PathIsSameRootW
PathStripToRootA
PathFindFileNameA
StrCmpNIA
SetFocus
GetForegroundWindow
SetMenuItemBitmaps
DestroyMenu
PostQuitMessage
GetMessagePos
LoadBitmapA
SetWindowPos
IsWindow
DispatchMessageA
EndPaint
GrayStringA
GetMessageTime
SetActiveWindow
GetMenuItemID
GetCursorPos
DrawTextA
GetDlgCtrlID
GetClassInfoA
GetMenu
UnregisterClassA
SendMessageA
GetClientRect
SetWindowContextHelpId
GetNextDlgTabItem
CallNextHookEx
CopyAcceleratorTableA
GetTopWindow
GetActiveWindow
GetWindowTextA
InvalidateRgn
RegisterClassExA
DestroyWindow
GetMessageA
GetParent
GetCursorInfo
SetPropA
EqualRect
DefWindowProcA
GetClassInfoExA
ShowWindow
SetClassLongA
GetPropA
GetNextDlgGroupItem
ValidateRect
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
CharUpperA
SetClipboardData
GetWindowPlacement
IsIconic
RegisterClassA
TabbedTextOutA
GetWindowLongA
CreateWindowExA
CopyRect
GetSysColorBrush
GetDialogBaseUnits
ReleaseDC
GetWindowInfo
PtInRect
IsChild
IsDialogMessageA
MapWindowPoints
SetCapture
BeginPaint
OffsetRect
ReleaseCapture
CharNextA
RegisterWindowMessageA
DefMDIChildProcA
SendDlgItemMessageA
GetSystemMetrics
EnableMenuItem
GetWindowRect
UpdateWindow
PostMessageA
DrawIcon
GetMenuState
SetWindowLongA
IsRectEmpty
RemovePropA
SetWindowTextA
CheckMenuItem
GetSubMenu
GetLastActivePopup
DrawIconEx
GetDlgItem
GetMenuCheckMarkDimensions
CreateDialogParamA
ClientToScreen
GetClassLongA
CreateDialogIndirectParamA
LoadCursorA
LoadIconA
SetWindowsHookExA
GetMenuItemCount
GetDesktopWindow
GetSystemMenu
GetDC
SetForegroundWindow
PostThreadMessageA
OpenClipboard
EmptyClipboard
MapDialogRect
IntersectRect
EndDialog
SendInput
GetCapture
FindWindowA
MessageBeep
DrawTextExA
GetWindowThreadProcessId
BeginDeferWindowPos
AppendMenuA
UnhookWindowsHookEx
RegisterClipboardFormatA
MoveWindow
MessageBoxA
GetWindowDC
AdjustWindowRectEx
DialogBoxParamA
GetSysColor
GetKeyState
SystemParametersInfoA
DestroyIcon
IsWindowVisible
WinHelpA
SetRect
InvalidateRect
CallWindowProcA
GetClassNameA
GetFocus
CloseClipboard
ModifyMenuA
GetAncestor
LookupIconIdFromDirectory
SetCursor
GetProfilesDirectoryA
GetProfileType
timeKillEvent
waveOutSetVolume
timeGetDevCaps
timeGetTime
mmioDescend
timeEndPeriod
timeSetEvent
mmioClose
OpenPrinterA
DocumentPropertiesA
ClosePrinter
recv
socket
bind
send
WSACleanup
WSAStartup
htons
closesocket
WSAGetLastError
GetOpenFileNameA
GetFileTitleA
OleUninitialize
CoUninitialize
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
OleFlushClipboard
OleSetContainedObject
OleCreateStaticFromData
CoRegisterMessageFilter
OleGetClipboard
CLSIDFromString
CreateILockBytesOnHGlobal
CoGetClassObject
CoWaitForMultipleHandles
CoInitialize
OleInitialize
CoCreateInstance
StgOpenStorage
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoRevokeClassObject
CoFreeUnusedLibraries
CreateBindCtx
OleIsCurrentClipboard
CoTaskMemFree
PdhCollectQueryData
SnmpUtilMemAlloc
SnmpUtilMemFree
Number of PE resources by type
RT_ICON 11
Struct(241) 4
BINARY 3
RCDATA 3
RT_RCDATA 2
Struct(240) 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 28
PE resources
ExifTool file metadata
CodeSize
249856

SubsystemVersion
4.0

Comments
Suppliers Usercounter Notenote Providing

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.4.6.6

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Suppliers Usercounter Notenote Providing

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
192512

PrivateBuild
4.4.6.6

EntryPoint
0x25022

OriginalFileName
Motivates

MIMEType
application/octet-stream

LegalCopyright
(c). All rights reserved. Adaptive Biotechnologies

FileVersion
4.4.6.6

TimeStamp
2018:06:04 04:17:00+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Motivates

ProductVersion
4.4.6.6

UninitializedDataSize
0

OSVersion
4.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Adaptive Biotechnologies

LegalTrademarks
(c). All rights reserved. Adaptive Biotechnologies

ProductName
Motivates

ProductVersionNumber
4.4.6.6

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 0be306780185ff3c483d84b330a307de
SHA1 4d992234a35a4a0adb2ab66bec76867e17b5cb94
SHA256 282d87939edbe0745176ae57a41282c34c8b98775784cd6dcd632906c14485a8
ssdeep
6144:rc7rnCYRaN8EkVnkactkN9vdsj3iKjJhrvIQC2lvuLuhEhiqVPvcF0B9KUBIpPb:l6EEkactU9uj3iKH8QH+y9qV40Uj

authentihash 0d89ce4b9d1dbb7f1d1790e0faa8b5cf806e7a1f3d6769065ffb1e5098faadc2
imphash f159bf3cda4e22f60ae4314d24022c08
File size 436.0 KB ( 446464 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (36.1%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win64 Executable (generic) (23.2%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.7%)
Tags
peexe

VirusTotal metadata
First submission 2018-06-04 08:17:23 UTC ( 11 months, 3 weeks ago )
Last submission 2018-09-14 02:53:44 UTC ( 8 months, 2 weeks ago )
File names aiafrhws.exe
jighfftt.exe
1(4).exe
jighfftt.exe
Motivates
aiafrhws.exe
printing_s
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Opened mutexes
Hooking activity
Runtime DLLs
Additional details
The file installs an application-defined hook procedure into a hook chain. A hook procedure is installed to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done using the SetWindowsHook Windows API function.