SHA256: 29c6ad44eeada78789b59218e6c21496c88074e24656b76ef041af88c7cb27b8
File name: a6fb408a4ee7efe45299d2c531234093
Detection ratio: 13 / 66
Analysis date: 2018-05-18 22:02:04 UTC ( 7 months ago )
Antivirus Result Update
AhnLab-V3 Malware/Win32.Generic.C2292050 20180518
Avast Win32:Stealer-DM [Trj] 20180518
AVG Win32:Stealer-DM [Trj] 20180518
Avira (no cloud) TR/PSW.Stealer.obmwd 20180518
AVware Trojan.Win32.Generic!BT 20180518
Endgame malicious (moderate confidence) 20180507
K7AntiVirus Riskware ( 0040eff71 ) 20180518
K7GW Riskware ( 0040eff71 ) 20180518
McAfee GenericRXEP-PF!A6FB408A4EE7 20180518
McAfee-GW-Edition GenericRXEP-PF!A6FB408A4EE7 20180518
NANO-Antivirus Trojan.Win32.Stealer.ethawu 20180518
VIPRE Trojan.Win32.Generic!BT 20180518
Yandex Trojan.PWS.Stealer!VNB40kXh6EA 20180518
Ad-Aware 20180518
AegisLab 20180518
Alibaba 20180518
ALYac 20180518
Antiy-AVL 20180518
Arcabit 20180518
Avast-Mobile 20180518
Babable 20180406
Baidu 20180518
BitDefender 20180518
Bkav 20180518
CAT-QuickHeal 20180518
ClamAV 20180518
CMC 20180518
Comodo 20180518
CrowdStrike Falcon (ML) 20180418
Cybereason None
Cylance 20180518
Cyren 20180518
DrWeb 20180518
eGambit 20180518
Emsisoft 20180518
ESET-NOD32 20180518
F-Prot 20180518
F-Secure 20180518
Fortinet 20180518
GData 20180518
Ikarus 20180518
Sophos ML 20180503
Jiangmin 20180518
Kaspersky 20180518
Malwarebytes 20180518
MAX 20180518
Microsoft 20180518
eScan 20180518
nProtect 20180518
Palo Alto Networks (Known Signatures) 20180518
Panda 20180518
Qihoo-360 20180518
Rising 20180518
SentinelOne (Static ML) 20180225
Sophos AV 20180518
SUPERAntiSpyware 20180518
Symantec 20180518
Symantec Mobile Insight 20180517
Tencent 20180518
TheHacker 20180516
TotalDefense 20180518
TrendMicro 20180518
TrendMicro-HouseCall 20180518
Trustlook 20180518
VBA32 20180518
ViRobot 20180518
Webroot 20180518
Zillya 20180516
ZoneAlarm by Check Point 20180518
Zoner 20180518
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-18 13:56:01
Entry Point 0x000066D0
Number of sections 4
PE sections
PE exports
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension dll
TimeStamp 2018:05:18 14:56:01+01:00
FileType Win32 DLL
PEType PE32
CodeSize 35840
LinkerVersion 10.0
EntryPoint 0x66d0
InitializedDataSize 3072
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 a6fb408a4ee7efe45299d2c531234093
SHA1 c9f1f49c2f0b4ff8bc66b22fa3ddd2e9b049c128
SHA256 29c6ad44eeada78789b59218e6c21496c88074e24656b76ef041af88c7cb27b8
ssdeep 768:liRUJZ0Kj3GlrJljdqYK8sV9dcSGVvLE7Ozkjp/GGQ:HJ+Kj3Gl9LxK/YJw7OzSp/
authentihash 32a914483193a0d446af86282c652900e5b98a9f683ab150030a8bd34e94eff9
File size 39.0 KB ( 39936 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags pedll
VirusTotal metadata
First submission 2018-05-18 22:02:04 UTC ( 7 months ago )
Last submission 2018-05-18 22:02:04 UTC ( 7 months ago )