SHA256: 284aae57cd7b632556c368ff7a8e7a4b42ef2f435a3f996a1d32640700b7f0ab
File name: .
Detection ratio: 40 / 68
Analysis date: 2018-07-15 18:17:13 UTC ( 7 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.350680 20180715
AhnLab-V3 Trojan/Win32.Agent.R230305 20180715
ALYac Gen:Variant.Razy.350680 20180715
Arcabit Trojan.Razy.D559D8 20180715
Avast Win32:GenX-Banker 20180715
AVG Win32:GenX-Banker 20180715
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180712
BitDefender Gen:Variant.Razy.350680 20180715
Bkav HW32.Packed.1801 20180713
CAT-QuickHeal Trojan.Drixed.100337 20180714
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.1a0869 20180225
Cylance Unsafe 20180715
Cyren W32/Emotet.CQ.gen!Eldorado 20180715
DrWeb Trojan.EmotetENT.246 20180715
Emsisoft Gen:Variant.Razy.350680 (B) 20180715
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/Kryptik.GHYJ 20180715
F-Prot W32/Emotet.CQ.gen!Eldorado 20180715
F-Secure Gen:Variant.Razy.350680 20180715
Fortinet W32/Kryptik.GIII!tr 20180715
GData Win32.Trojan-Spy.Emotet.RU 20180715
Ikarus Trojan.Win32.Emotet 20180715
Kaspersky HEUR:Trojan.Win32.Generic 20180715
Malwarebytes Spyware.Emotet 20180715
MAX malware (ai score=80) 20180715
McAfee GenericRXFZ-BL!F0D3D3E35482 20180715
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180715
Microsoft Trojan:Win32/Cloxer.D!cl 20180715
eScan Gen:Variant.Razy.350680 20180715
Panda Trj/CI.A 20180715
Rising Trojan.Kryptik!8.8 (TFE:dGZlOgQpPbviPYMBrg) 20180715
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/EncPk-ANX 20180715
Symantec ML.Attribute.HighConfidence 20180715
TrendMicro TROJ_GEN.R020C0PFL18 20180715
TrendMicro-HouseCall TSPY_HPEMOTET.SMAL8 20180715
VBA32 BScope.Trojan.Dovs 20180713
Webroot W32.Trojan.Emotet 20180715
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180715
AegisLab 20180715
Alibaba 20180713
Antiy-AVL 20180715
Avast-Mobile 20180715
Avira (no cloud) 20180715
AVware 20180715
Babable 20180406
ClamAV 20180715
CMC 20180714
Comodo 20180715
eGambit 20180715
Sophos ML 20180601
Jiangmin 20180715
K7AntiVirus 20180715
K7GW 20180715
Kingsoft 20180715
NANO-Antivirus 20180715
Palo Alto Networks (Known Signatures) 20180715
Qihoo-360 20180715
SUPERAntiSpyware 20180715
TACHYON 20180715
Tencent 20180715
TheHacker 20180712
TotalDefense 20180715
Trustlook 20180715
VIPRE 20180715
ViRobot 20180715
Yandex 20180713
Zillya 20180713
Zoner 20180714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (c)2008-2018 CPUID. All rights reserved.

Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-19 23:10:21
Entry Point 0x0000168B
Number of sections 4
PE sections
PE imports
FindFirstFreeAce
AddAccessDeniedAce
GetSecurityDescriptorDacl
CryptCreateHash
CryptSIPAddProvider
JetMakeKey
GetFontData
PaintRgn
ExtEscape
RemoveFontMemResourceEx
SetStretchBltMode
SuspendThread
GetThreadPriority
GetTimeZoneInformation
GetSystemDefaultLocaleName
LocalFlags
SetTapePosition
GetCommState
CloseHandle
GetSystemTimeAsFileTime
GetDynamicTimeZoneInformation
lstrcmpW
VirtualAlloc
RpcStringBindingParseW
SetupGetStringFieldA
SetupGetLineTextA
PathStripPathW
UrlApplySchemeW
GetDoubleClickTime
UnregisterHotKey
FlashWindow
OpenWindowStationA
GetThreadDesktop
IsDialogMessageA
OleTranslateAccelerator
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2018:06:20 00:10:21+01:00
FileType Win32 EXE
PEType PE32
CodeSize 12288
LinkerVersion 0.0
FileTypeExtension exe
InitializedDataSize 65536
SubsystemVersion 5.0
EntryPoint 0x168b
OSVersion 5.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 f0d3d3e354820a541bd65ec5ec6bd4f3
SHA1 e2b96101a08692e4f71923ab7def07980bd9d61d
SHA256 284aae57cd7b632556c368ff7a8e7a4b42ef2f435a3f996a1d32640700b7f0ab
ssdeep 3072:NUjX9j/HpHsYg0AlSGZtN05VuPfyEPpUdDzX:4tJHs6SSJ5UPf

authentihash 8a30930f6d0bd8df14adff2e395264ee36ee6f2bbf031c05662e4afcac65b7a3
imphash d9fe795399fb35af96887df80eb06791
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-07-15 18:17:13 UTC ( 7 months, 1 week ago )
Last submission 2018-07-15 18:17:13 UTC ( 7 months, 1 week ago )
File names HWMonitor.exe
.