SHA256: 2f32fe2c3ca78fc4e5769dfb6948fe2e8c890740a5537c2f7427980cb27ee4c9
File name: 242133d7c9e40a207d6b601cd5183d27.virus
Detection ratio: 46 / 68
Analysis date: 2018-12-05 01:21:07 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Backdoor.Emotet.H 20181204
AhnLab-V3 Spyware/Win32.Emotet.C2742967 20181204
ALYac Backdoor.Emotet.H 20181204
Antiy-AVL Trojan[Ransom]/Win32.FriedEx 20181204
Arcabit Backdoor.Emotet.H 20181204
Avast Win32:MalwareX-gen [Trj] 20181204
AVG Win32:MalwareX-gen [Trj] 20181204
ClamAV Win.Packer.MalwareCrypter-6697264-0 20181203
Comodo TrojWare.Win32.Dovs.MO@7lrh2k 20181204
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.9cf713 20180225
Cylance Unsafe 20181205
Cyren W32/Kryptik.IU.gen!Eldorado 20181204
Emsisoft Trojan.Emotet (A) 20181204
Endgame malicious (high confidence) 20181108
ESET-NOD32 Win32/Filecoder.FriedEx.F 20181205
F-Prot W32/Kryptik.IU.gen!Eldorado 20181204
F-Secure Backdoor.Emotet.H 20181204
Fortinet W32/Kryptik.GLMY!tr 20181204
Ikarus Trojan.Win32.Dridex 20181204
Sophos ML heuristic 20181128
Jiangmin Trojan.Banker.Emotet.dbu 20181204
K7AntiVirus Riskware ( 0040eff71 ) 20181204
K7GW Trojan ( 005412d01 ) 20181204
Kaspersky HEUR:Trojan.Win32.Generic 20181204
Malwarebytes Trojan.Emotet 20181204
MAX malware (ai score=84) 20181205
McAfee Emotet-FIB!242133D7C9E4 20181204
McAfee-GW-Edition Emotet-FIB!242133D7C9E4 20181204
Microsoft Trojan:Win32/Emotet!rfn 20181204
eScan Backdoor.Emotet.H 20181205
NANO-Antivirus Trojan.Win32.Emotet.fiqiet 20181205
Panda Trj/Genetic.gen 20181204
Qihoo-360 HEUR/QVM20.1.A6D6.Malware.Gen 20181205
Rising Trojan.Emotet!8.B95 (CLOUD) 20181205
Sophos AV Mal/Kryptik-DE 20181205
Symantec Trojan.Gen.2 20181205
TACHYON Banker/W32.Emotet.208896.H 20181204
Tencent Win32.Trojan.Filecoder.Hoej 20181205
Trapmine malicious.high.ml.score 20181128
TrendMicro TrojanSpy.Win32.EMOTET.SMGD1.hp 20181205
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMGD1.hp 20181205
VBA32 BScope.Trojan.Refinka 20181204
Webroot W32.Trojan.Gen 20181205
Zillya Trojan.Emotet.Win32.4749 20181204
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181204
AegisLab 20181204
Alibaba 20180921
Avast-Mobile 20181204
Avira (no cloud) 20181204
Babable 20180918
Baidu 20181204
Bkav 20181203
CAT-QuickHeal 20181204
CMC 20181204
DrWeb 20181204
eGambit 20181205
Kingsoft 20181205
Palo Alto Networks (Known Signatures) 20181205
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181128
Symantec Mobile Insight 20181204
TheHacker 20181202
TotalDefense 20181205
Trustlook 20181205
VIPRE 20181204
ViRobot 20181204
Yandex 20181204
Zoner 20181204
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © CureIt Software. All rights reserved.
Product CureIt ® ffff
Original name CureIt .EXE
Internal name cureit
File version 5.3.2600.0
Description CureIt CureIt CureIt 3r3
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-12-31 22:00:23
Entry Point 0x00003280
Number of sections 6
PE sections
PE imports
GetPrivateProfileSectionNamesA
EnumSystemGeoID
HeapAlloc
GetProfileIntA
GlobalFindAtomW
EmptyClipboard
GetCaretBlinkTime
GetForegroundWindow
GetClipCursor
CountClipboardFormats
GetUpdateRgn
GetDesktopWindow
CloseClipboard
DestroyCaret
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize: 0
LinkerVersion: 16.0
ImageVersion: 0.0
FileSubtype: 0
FileVersionNumber: 5.1.2600.0
LanguageCode: English (U.S.)
FileFlagsMask: 0x003f
FileDescription: CureIt CureIt CureIt 3r3
ImageFileCharacteristics: Executable, 32-bit
CharacterSet: Unicode
InitializedDataSize: 90112
EntryPoint: 0x3280
OriginalFileName: CureIt .EXE
MIMEType: application/octet-stream
LegalCopyright: CureIt Software. All rights reserved.
FileVersion: 5.3.2600.0
TimeStamp: 2011:12:31 23:00:23+01:00
FileType: Win32 EXE
PEType: PE32
InternalName: cureit
ProductVersion: 5.3.2600.0
SubsystemVersion: 5.0
OSVersion: 5.0
FileOS: Windows NT 32-bit
Subsystem: Windows command line
MachineType: Intel 386 or later, and compatibles
CompanyName: CureIt Software
CodeSize: 114688
ProductName: CureIt ffff
ProductVersionNumber: 5.1.2600.0
FileTypeExtension: exe
ObjectFileType: Executable application

File identification
MD5 242133d7c9e40a207d6b601cd5183d27
SHA1 1fe93909cf71386abbc9c5b33b324c2d688d12ab
SHA256 2f32fe2c3ca78fc4e5769dfb6948fe2e8c890740a5537c2f7427980cb27ee4c9
ssdeep 3072:Yysn306NxdT3DswltSxnaXwHpfIGT51Oq:E30cdT4wTSuofI
authentihash 099885384e6c4641301b4d3406fdfe6c10ee021d69755bdf5511e292242ebf0d
imphash e8a7b4160ad6848a4e884c30afa3d7aa
File size 204.0 KB ( 208896 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-12-05 01:21:07 UTC ( 4 months, 2 weeks ago )
Last submission 2018-12-05 01:21:07 UTC ( 4 months, 2 weeks ago )
File names CureIt .EXE
cureit
242133d7c9e40a207d6b601cd5183d27.virus
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.