SHA256: 2856e22a3e757dbfaedd2918876dc96d1524095581f73c7791d7795e7e3d6767
File name: AB1fvPY6Xe.exe
Detection ratio: 13 / 69
Analysis date: 2018-10-07 12:34:22 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
Bkav HW32.Packed. 20181005
ClamAV Win.Trojan.Emotet-6707392-0 20181007
CrowdStrike Falcon (ML) malicious_confidence_80% (D) 20180723
Cylance Unsafe 20181007
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
McAfee-GW-Edition BehavesLike.Win32.Generic.ch 20181007
Microsoft Trojan:Win32/Fuerboos.A!cl 20181007
NANO-Antivirus Virus.Win32.Gen.ccmw 20181007
Qihoo-360 HEUR/QVM20.1.5D65.Malware.Gen 20181007
Rising Trojan.Fuerboos!8.EFC8 (TFE:dGZlOgJlfFH45pugaA) 20181007
SentinelOne (Static ML) static engine - malicious 20180926
Symantec ML.Attribute.HighConfidence 20181006
Ad-Aware 20181007
AegisLab 20181007
AhnLab-V3 20181007
Alibaba 20180921
ALYac 20181007
Antiy-AVL 20181007
Arcabit 20181007
Avast 20181007
Avast-Mobile 20181007
AVG 20181007
Avira (no cloud) 20181007
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181007
CAT-QuickHeal 20181007
CMC 20181007
Comodo 20181007
Cybereason 20180225
Cyren 20181007
DrWeb 20181007
eGambit 20181007
Emsisoft 20181007
ESET-NOD32 20181007
F-Prot 20181007
F-Secure 20181007
Fortinet 20181007
GData 20181007
Ikarus 20181007
Jiangmin 20181007
K7AntiVirus 20181007
K7GW 20181007
Kaspersky 20181007
Kingsoft 20181007
Malwarebytes 20181007
MAX 20181007
McAfee 20181007
eScan 20181007
Palo Alto Networks (Known Signatures) 20181007
Panda 20181007
Sophos AV 20181007
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181007
Tencent 20181007
TheHacker 20181001
TotalDefense 20181007
TrendMicro 20181007
TrendMicro-HouseCall 20181007
Trustlook 20181007
VBA32 20181005
VIPRE 20181007
ViRobot 20181007
Webroot 20181007
Yandex 20181005
Zillya 20181005
ZoneAlarm by Check Point 20181007
Zoner 20181006
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights res
Product С® Qwe® Operating System
Original name Sidebar U
Internal name Sidebar U
Description Windows Sideb
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-04-28 14:30:48
Entry Point 0x0001A37C
Number of sections 5
PE sections
PE imports
GetServiceDisplayNameW
LogonUserA
LookupAccountSidW
GetFileSecurityA
GetTextCharsetInfo
GetCurrentObject
FillRgn
ExtTextOutW
DeleteDC
GetMapMode
GetCurrentPositionEx
FloodFill
ExtTextOutA
GetDIBits
GdiFlush
GetViewportOrgEx
GetRandomRgn
GetSystemTime
GetVolumePathNameW
GetSystemInfo
lstrcmpiA
DebugBreak
FlushFileBuffers
DeleteCriticalSection
GetDateFormatA
GetPrivateProfileStringA
LoadLibraryExW
VirtualLock
GetProfileSectionA
WriteProfileStringW
SetFileBandwidthReservation
DeleteTimerQueue
GetTempFileNameW
lstrcpynW
EraseTape
GetModuleHandleA
GetSystemTimes
GetSystemTimeAdjustment
GetThreadSelectorEntry
FindCloseChangeNotification
GetCurrencyFormatA
VirtualQueryEx
GetFileType
ExtractIconExA
DecryptMessage
BeginDeferWindowPos
GetOpenClipboardWindow
GetScrollPos
GetUpdateRect
IsRectEmpty
GetClassInfoExA
DestroyCursor
GetMessageW
GetShellWindow
LoadKeyboardLayoutA
GetProcessWindowStation
GetPrinterDataW
strftime
fsetpos
MkParseDisplayName
Number of PE resources by type
RT_MESSAGETABLE 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.1.7601.17514
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Windows Sideb
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 56320
EntryPoint 0x1a37c
OriginalFileName Sidebar U
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights re
TimeStamp 2004:04:28 07:30:48-07:00
FileType Win32 EXE
PEType PE32
InternalName Sidebar U
ProductVersion 6.1.7600.1638
SubsystemVersion 5.0
OSVersion 4.2
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Corporation
CodeSize 113152
ProductName Qwe Operating System
ProductVersionNumber 6.1.7601.17514
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 8be8693087746d6dc3cd5a762fa1e3a7
SHA1 13d863a8291c97c46421ec0e7e8243f12a20c32a
SHA256 2856e22a3e757dbfaedd2918876dc96d1524095581f73c7791d7795e7e3d6767
ssdeep 3072:GaNKS/rCt61Qb9uqQIym6C6+FAs//Ij0z4MWne+xCT2Yv:fYSjc6SbEqQIf6CDKgIj0z4
authentihash a945c90d331174b379cabf17ff0eb83f0a8154e0dbfb7f91c8f3d5e6442df219
imphash a441b13dd7b61abec2ead26c474c69e0
File size 161.0 KB ( 164864 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-10-07 12:34:22 UTC ( 4 months, 2 weeks ago )
Last submission 2018-10-07 12:34:22 UTC ( 4 months, 2 weeks ago )
File names Sidebar U
AB1fvPY6Xe.exe
CC6HDOHfZo.exe