SHA256: 2e63942bf12b6fbb3f8a48716e5d97079e4df668c9181d9a66651cba873d2a17
File name: 1pd6B8MtUZ5.exe
Detection ratio: 45 / 70
Analysis date: 2018-12-24 00:45:05 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Acronis malware 20181222
Ad-Aware Trojan.GenericKD.40842354 20181223
AhnLab-V3 Trojan/Win32.Emotet.R249326 20181223
Avast Win32:Trojan-gen 20181223
AVG Win32:Trojan-gen 20181223
BitDefender Trojan.GenericKD.40842354 20181223
Bkav HW32.Packed. 20181221
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.501442 20180225
Cylance Unsafe 20181224
Cyren W32/Emotet.LD.gen!Eldorado 20181224
DrWeb Trojan.EmotetENT.330 20181224
Emsisoft Trojan.Emotet (A) 20181224
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNYQ 20181223
F-Prot W32/Emotet.LD.gen!Eldorado 20181224
F-Secure Trojan.GenericKD.40842354 20181224
Fortinet W32/GenKryptik.CULQ!tr 20181224
GData Trojan.GenericKD.40842354 20181224
Ikarus Trojan-Banker.Emotet 20181224
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 005440f21 ) 20181223
K7GW Trojan ( 005440f21 ) 20181223
Kaspersky Trojan-Banker.Win32.Emotet.bvqy 20181224
Malwarebytes Trojan.Emotet 20181224
MAX malware (ai score=100) 20181224
McAfee Emotet-FLD!50ECE2F50144 20181224
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181223
Microsoft Trojan:Win32/Emotet 20181224
eScan Trojan.GenericKD.40842354 20181223
NANO-Antivirus Trojan.Win32.EmotetENT.flkagi 20181223
Palo Alto Networks (Known Signatures) generic.ml 20181224
Panda Trj/GdSda.A 20181223
Qihoo-360 Win32/Trojan.c84 20181224
Rising Trojan.Inject!8.103 (CLOUD) 20181223
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-AOI 20181223
Symantec Trojan.Emotet 20181222
Tencent Win32.Trojan-banker.Emotet.Swbk 20181224
Trapmine malicious.high.ml.score 20181205
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.THABBOAH 20181223
VBA32 BScope.Trojan.Emotet 20181222
VIPRE LooksLike.Win32.Dridex.e (v) 20181223
Webroot W32.Trojan.Emotet 20181224
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bvqy 20181223
AegisLab 20181223
Alibaba 20180921
Antiy-AVL 20181223
Arcabit 20181223
Avast-Mobile 20181223
Avira (no cloud) 20181223
Babable 20180918
Baidu 20181207
CAT-QuickHeal 20181223
ClamAV 20181223
CMC 20181223
Comodo 20181223
eGambit 20181224
Jiangmin 20181223
Kingsoft 20181224
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TACHYON 20181223
TheHacker 20181220
TotalDefense 20181223
TrendMicro 20181224
Trustlook 20181224
ViRobot 20181223
Yandex 20181223
Zillya 20181222
Zoner 20181223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © LEAD Technologies, Inc. 1997
Product LEADTOOLS® DLL for Win32
Original name LTFIL80N.DLL
Internal name LTFIL80N
File version 8.00.0.010
Description LEADTOOLS® DLL for Win32
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2005-07-05 05:51:36
Entry Point 0x00002A29
Number of sections 6
PE sections
PE imports
NotifyBootConfigStatus
AddAuditAccessObjectAce
RegisterServiceCtrlHandlerExW
SetTokenInformation
CryptDecrypt
SetNamedSecurityInfoW
RegOpenUserClassesRoot
CM_Disconnect_Machine
CM_Get_Device_ID_ExW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Registry_PropertyA
CM_Get_Next_Res_Des
CM_Get_Next_Log_Conf
ClusterRegOpenKey
CertGetIssuerCertificateFromStore
JetRetrieveColumns
SetGraphicsMode
Polygon
SetWorldTransform
RestoreDC
DrawEscape
GetCurrentPositionEx
GetBoundsRect
SetTextJustification
GetDIBits
GetGraphicsMode
PlayMetaFile
CreateColorSpaceW
GetPrivateProfileSectionNamesA
GetTempPathA
LocalReAlloc
GetConsoleOutputCP
Heap32Next
GetTimeFormatA
GlobalFree
CloseHandle
QueryActCtxW
GetCommandLineA
CreateMutexExA
GetBinaryTypeA
ReadConsoleOutputA
GetPwrCapabilities
RasGetSubEntryPropertiesA
RpcRaiseException
RpcErrorEndEnumeration
RpcStringBindingComposeA
ExtractAssociatedIconA
ColorRGBToHLS
GetForegroundWindow
GetLastActivePopup
CloseDesktop
GetMessageExtraInfo
IsMenu
IsWindow
GetProcessWindowStation
GetInputState
towupper
VerSetConditionMask
IsAccelerator
HBITMAP_UserMarshal
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize 12288
SubsystemVersion 6.0
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 8.0.0.10
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription LEADTOOLS DLL for Win32
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 0
EntryPoint 0x2a29
OriginalFileName LTFIL80N.DLL
MIMEType application/octet-stream
LegalCopyright Copyright LEAD Technologies, Inc. 1997
FileVersion 8.00.0.010
TimeStamp 2005:07:05 06:51:36+01:00
FileType Win32 EXE
PEType PE32
InternalName LTFIL80N
ProductVersion 8.00.0.010
UninitializedDataSize 0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName LEAD Technologies, Inc.
LegalTrademarks LEADTOOLS is a trademark of LEAD Technologies, Inc.
ProductName LEADTOOLS DLL for Win32
ProductVersionNumber 8.0.0.10
FileTypeExtension exe
ObjectFileType Dynamic link library

Execution parents
File identification
MD5 50ece2f50144293e188895a861715ce9
SHA1 d77a2facc587b5242abf7e9063fc7204f67771e9
SHA256 2e63942bf12b6fbb3f8a48716e5d97079e4df668c9181d9a66651cba873d2a17
ssdeep 1536:e1SlBP0+qfGChjgAD5suItwuG0JwJbLS7fJI/YahNPPRYjxAbf4sDmDEaMLpuWbm:Qk8suWw8w/SFIDhNPyaL4qmDEVuWVc
authentihash cc7c369677e0c447e88396e5f79d12b098959a8e695658181675e5b814268827
imphash 10940dc7c35b1d6065b797f7d4b3a31d
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-12-18 18:05:10 UTC ( 2 months ago )
Last submission 2018-12-19 01:52:47 UTC ( 2 months ago )
File names LTFIL80N
9riJycc6OgHi.exe
wg2JoOB1.exe
LTFIL80N.DLL
150.exe
1pd6B8MtUZ5.exe