× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: 284aae57cd7b632556c368ff7a8e7a4b42ef2f435a3f996a1d32640700b7f0ab
File name: .
Detection ratio: 40 / 68
Analysis date: 2018-07-15 18:17:13 UTC ( 7 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.350680 20180715
AhnLab-V3 Trojan/Win32.Agent.R230305 20180715
ALYac Gen:Variant.Razy.350680 20180715
Arcabit Trojan.Razy.D559D8 20180715
Avast Win32:GenX-Banker 20180715
AVG Win32:GenX-Banker 20180715
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180712
BitDefender Gen:Variant.Razy.350680 20180715
Bkav HW32.Packed.1801 20180713
CAT-QuickHeal Trojan.Drixed.100337 20180714
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.1a0869 20180225
Cylance Unsafe 20180715
Cyren W32/Emotet.CQ.gen!Eldorado 20180715
DrWeb Trojan.EmotetENT.246 20180715
Emsisoft Gen:Variant.Razy.350680 (B) 20180715
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/Kryptik.GHYJ 20180715
F-Prot W32/Emotet.CQ.gen!Eldorado 20180715
F-Secure Gen:Variant.Razy.350680 20180715
Fortinet W32/Kryptik.GIII!tr 20180715
GData Win32.Trojan-Spy.Emotet.RU 20180715
Ikarus Trojan.Win32.Emotet 20180715
Kaspersky HEUR:Trojan.Win32.Generic 20180715
Malwarebytes Spyware.Emotet 20180715
MAX malware (ai score=80) 20180715
McAfee GenericRXFZ-BL!F0D3D3E35482 20180715
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180715
Microsoft Trojan:Win32/Cloxer.D!cl 20180715
eScan Gen:Variant.Razy.350680 20180715
Panda Trj/CI.A 20180715
Rising Trojan.Kryptik!8.8 (TFE:dGZlOgQpPbviPYMBrg) 20180715
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/EncPk-ANX 20180715
Symantec ML.Attribute.HighConfidence 20180715
TrendMicro TROJ_GEN.R020C0PFL18 20180715
TrendMicro-HouseCall TSPY_HPEMOTET.SMAL8 20180715
VBA32 BScope.Trojan.Dovs 20180713
Webroot W32.Trojan.Emotet 20180715
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180715
AegisLab 20180715
Alibaba 20180713
Antiy-AVL 20180715
Avast-Mobile 20180715
Avira (no cloud) 20180715
AVware 20180715
Babable 20180406
ClamAV 20180715
CMC 20180714
Comodo 20180715
eGambit 20180715
Sophos ML 20180601
Jiangmin 20180715
K7AntiVirus 20180715
K7GW 20180715
Kingsoft 20180715
NANO-Antivirus 20180715
Palo Alto Networks (Known Signatures) 20180715
Qihoo-360 20180715
SUPERAntiSpyware 20180715
TACHYON 20180715
Tencent 20180715
TheHacker 20180712
TotalDefense 20180715
Trustlook 20180715
VIPRE 20180715
ViRobot 20180715
Yandex 20180713
Zillya 20180713
Zoner 20180714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c)2008-2018 CPUID. All rights reserved.

Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-19 23:10:21
Entry Point 0x0000168B
Number of sections 4
PE sections
PE imports
[+] ADVAPI32.dll
FindFirstFreeAce
AddAccessDeniedAce
GetSecurityDescriptorDacl
CryptCreateHash
[+] CRYPT32.dll
CryptSIPAddProvider
[+] ESENT.dll
JetMakeKey
[+] GDI32.dll
GetFontData
PaintRgn
ExtEscape
RemoveFontMemResourceEx
SetStretchBltMode
[+] KERNEL32.dll
SuspendThread
GetThreadPriority
GetTimeZoneInformation
GetSystemDefaultLocaleName
LocalFlags
SetTapePosition
GetCommState
CloseHandle
GetSystemTimeAsFileTime
GetDynamicTimeZoneInformation
lstrcmpW
VirtualAlloc
[+] RPCRT4.dll
RpcStringBindingParseW
[+] SETUPAPI.dll
SetupGetStringFieldA
SetupGetLineTextA
[+] SHLWAPI.dll
PathStripPathW
UrlApplySchemeW
[+] USER32.dll
GetDoubleClickTime
UnregisterHotKey
FlashWindow
OpenWindowStationA
GetThreadDesktop
IsDialogMessageA
[+] ole32.dll
OleTranslateAccelerator
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2018:06:20 00:10:21+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
0.0

FileTypeExtension
exe

InitializedDataSize
65536

SubsystemVersion
5.0

EntryPoint
0x168b

OSVersion
5.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 f0d3d3e354820a541bd65ec5ec6bd4f3
SHA1 e2b96101a08692e4f71923ab7def07980bd9d61d
SHA256 284aae57cd7b632556c368ff7a8e7a4b42ef2f435a3f996a1d32640700b7f0ab
ssdeep
3072:NUjX9j/HpHsYg0AlSGZtN05VuPfyEPpUdDzX:4tJHs6SSJ5UPf

authentihash 8a30930f6d0bd8df14adff2e395264ee36ee6f2bbf031c05662e4afcac65b7a3
imphash d9fe795399fb35af96887df80eb06791
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-15 18:17:13 UTC ( 7 months, 1 week ago )
Last submission 2018-07-15 18:17:13 UTC ( 7 months, 1 week ago )
File names HWMonitor.exe
.
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes. No one has voted on this item yet, be the first one to do so!
More votes
Blog | Twitter | Contact us | ToS | Privacy policy