SHA256: 2f90b172fcba56fa3c9246273808330ce64c94638c930eaa6bfca1bf559feb71
File name: 2f90b172fcba56fa3c9246273808330ce64c94638c930eaa6bfca1bf559feb71
Detection ratio: 53 / 71
Analysis date: 2018-12-30 21:14:43 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis suspicious 20181227
Ad-Aware Trojan.Autoruns.GenericKD.31390485 20181230
AegisLab Trojan.Win32.Emotet.4!c 20181230
AhnLab-V3 Malware/Win32.Generic.C2871303 20181230
ALYac Trojan.Agent.Emotet 20181230
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181230
Arcabit Trojan.Autoruns.Generic.D1DEFB15 20181230
Avast Win32:BankerX-gen [Trj] 20181230
AVG Win32:BankerX-gen [Trj] 20181230
BitDefender Trojan.Autoruns.GenericKD.31390485 20181230
CAT-QuickHeal Trojan.Csrn 20181230
Comodo Malware@#llgis4344kfw 20181230
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.4e423e 20180225
Cylance Unsafe 20181230
DrWeb Trojan.Emotet.533 20181230
Emsisoft Trojan.Autoruns.GenericKD.31390485 (B) 20181230
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNLL 20181230
F-Secure Trojan.Autoruns.GenericKD.31390485 20181230
Fortinet W32/Kryptik.GNLA!tr 20181230
GData Trojan.Autoruns.GenericKD.31390485 20181230
Ikarus Trojan.Win32.Krypt 20181230
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053b6a31 ) 20181230
K7GW Trojan ( 0053b6a31 ) 20181230
Kaspersky Trojan-Banker.Win32.Emotet.bsxv 20181230
Malwarebytes Trojan.Emotet 20181230
MAX malware (ai score=100) 20181230
McAfee RDN/Generic.grp 20181230
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181230
Microsoft Trojan:Win32/Emotet.BE 20181230
eScan Trojan.Autoruns.GenericKD.31390485 20181230
NANO-Antivirus Trojan.Win32.Emotet.fktoew 20181230
Palo Alto Networks (Known Signatures) generic.ml 20181230
Panda Trj/Genetic.gen 20181230
Qihoo-360 HEUR/QVM19.1.900D.Malware.Gen 20181230
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20181230
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ANY 20181230
Symantec Trojan.Emotet 20181229
TACHYON Banker/W32.Emotet.135168.BE 20181230
Tencent Win32.Trojan-banker.Emotet.Alir 20181230
Trapmine malicious.moderate.ml.score 20181205
TrendMicro TSPY_EMOTET.THABOCAH 20181230
TrendMicro-HouseCall TSPY_EMOTET.THABOCAH 20181230
VBA32 TrojanBanker.Emotet 20181229
VIPRE Trojan.Win32.Generic!BT 20181229
ViRobot Trojan.Win32.Z.Emotet.135168.ES 20181230
Webroot W32.Trojan.Emotet 20181230
Yandex Trojan.PWS.Emotet! 20181229
Zillya Trojan.Emotet.Win32.8181 20181228
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bsxv 20181230
Alibaba 20180921
Avast-Mobile 20181230
Avira (no cloud) 20181230
Babable 20180918
Baidu 20181207
Bkav 20181227
ClamAV 20181230
CMC 20181230
Cyren 20181230
eGambit 20181230
F-Prot 20181230
Jiangmin 20181230
Kingsoft 20181230
SUPERAntiSpyware 20181226
Symantec Mobile Insight 20181225
TheHacker 20181230
TotalDefense 20181230
Trustlook 20181230
Zoner 20181230
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (c) 1996-2004 Logitech. All rights reserved.
Product Logitech QuickCam
Original name Namespc2.dll
Internal name Namespc2.dll
File version 8.2.0.1192
Description Logitech Namespace2
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-08-21 02:59:10
Entry Point 0x00001605
Number of sections 11
PE sections
PE imports
RegCloseKey
RegEnumValueW
RegSetKeySecurity
JetPrepareUpdate
GetViewportExtEx
GetLargePageMinimum
GetFileSize
CreateFileW
GetCommandLineW
GetSystemDefaultLCID
PulseEvent
DeleteAtom
GetFileType
FindNextFileA
SetMailslotInfo
GetUserDefaultLCID
SafeArrayCreate
NdrAllocate
CountClipboardFormats
GetLastActivePopup
DdeConnectList
GetPhysicalCursorPos
GetWindowInfo
ActivateKeyboardLayout
VerQueryValueA
waveOutGetPosition
midiInStart
OleConvertIStorageToOLESTREAM
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 11.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 8.2.0.1192
LanguageCode Neutral
FileFlagsMask 0x30003f
FileDescription Logitech Namespace2
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 0
EntryPoint 0x1605
OriginalFileName Namespc2.dll
MIMEType application/octet-stream
LegalCopyright (c) 1996-2004 Logitech. All rights reserved.
FileVersion 8.2.0.1192
TimeStamp 2007:08:21 04:59:10+02:00
FileType Win32 EXE
PEType PE32
InternalName Namespc2.dll
OLESelfRegister 1.0
ProductVersion 8.2.0.1192
SubsystemVersion 6.0
OSVersion 6.0
FileOS Windows 16-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Logitech Inc.
CodeSize 8192
ProductName Logitech QuickCam
ProductVersionNumber 8.2.0.1192
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 ef1d22f4e423edbc710a6a3b5b3f43e3
SHA1 d44a5d7ce3e64df2e75cb294fec6d5f3b199811b
SHA256 2f90b172fcba56fa3c9246273808330ce64c94638c930eaa6bfca1bf559feb71
ssdeep 1536:dPoCEEDDqLXxTg/LNAItP512q5SPfAnGGz5OCgsOg2micJhMhhqf7yqeG3esO1vy:d4OOLPfAnGsIDmicJMhqf7yqKi82x
authentihash 362a9bf2a05e70680042f198011943a237c83b9941fb8ec34e107c3a1b7e8471
imphash 8afe4857dd40e63bfa39e229cb249ba6
File size 132.0 KB ( 135168 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags peexe
VirusTotal metadata
First submission 2018-12-01 02:02:52 UTC ( 2 months, 3 weeks ago )
Last submission 2018-12-01 02:06:13 UTC ( 2 months, 3 weeks ago )
File names tFzZCsk3Y9sOIQuwSF.exe
Namespc2.dll