× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 30ea181a66bd17233fe6e858e0f0ac1bb559c7795620b511eded7a09f2250c6b
File name: 82126.exe
Detection ratio: 18 / 67
Analysis date: 2018-06-22 06:07:57 UTC ( 7 months, 4 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180622
AVG FileRepMalware 20180622
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180622
Bkav HW32.Packed.C44D 20180621
CAT-QuickHeal Trojan.Drixed.100454 20180621
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.d2cd81 20180225
Cylance Unsafe 20180622
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/GenKryptik.BNZT 20180622
Sophos ML heuristic 20180601
McAfee Emotet-FGR!40CE8273DCF3 20180622
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180622
Palo Alto Networks (Known Signatures) generic.ml 20180622
Qihoo-360 HEUR/QVM20.1.0242.Malware.Gen 20180622
SentinelOne (Static ML) static engine - malicious 20180618
Symantec ML.Attribute.HighConfidence 20180621
Webroot W32.Trojan.Emotet 20180622
Ad-Aware 20180622
AegisLab 20180622
AhnLab-V3 20180621
Alibaba 20180622
ALYac 20180622
Antiy-AVL 20180622
Arcabit 20180622
Avast-Mobile 20180621
Avira (no cloud) 20180621
AVware 20180621
Babable 20180406
BitDefender 20180622
ClamAV 20180622
CMC 20180621
Comodo 20180622
Cyren 20180622
DrWeb 20180622
eGambit 20180622
Emsisoft 20180622
F-Prot 20180622
F-Secure 20180622
Fortinet 20180622
GData 20180622
Ikarus 20180621
Jiangmin 20180622
K7AntiVirus 20180621
K7GW 20180622
Kaspersky 20180622
Kingsoft 20180622
Malwarebytes 20180622
MAX 20180622
Microsoft 20180622
eScan 20180622
NANO-Antivirus 20180622
Panda 20180621
Rising 20180622
Sophos AV 20180622
SUPERAntiSpyware 20180622
Symantec Mobile Insight 20180619
TACHYON 20180622
Tencent 20180622
TheHacker 20180621
TrendMicro 20180622
TrendMicro-HouseCall 20180622
Trustlook 20180622
VBA32 20180621
VIPRE 20180622
ViRobot 20180622
Yandex 20180621
Zillya 20180621
ZoneAlarm by Check Point 20180622
Zoner 20180621
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c)2008-2018 CPUID. All rights reserved.

Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-22 12:30:28
Entry Point 0x000014C3
Number of sections 4
PE sections
PE imports
CryptSetKeyParam
CryptVerifySignatureW
RegCloseKey
SetSecurityAccessMask
PolyPolygon
Pie
CreateEllipticRgn
GdiGetBatchLimit
GetThreadContext
LockFileEx
GetThreadId
FormatMessageA
SetEvent
SetProcessPriorityBoost
GetTickCount
CloseHandle
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCurrentThread
FillConsoleOutputAttribute
WritePrivateProfileStringW
acmFormatEnumW
MapWindowPoints
DdeAbandonTransaction
UnhookWinEvent
GetCursorInfo
GetCapture
GetWindowThreadProcessId
UserHandleGrantAccess
GetClipboardSequenceNumber
GetClipboardData
OpenDriver
AddMonitorW
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:06:22 13:30:28+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
0.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x14c3

InitializedDataSize
65536

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 40ce8273dcf3ab7b8755986b8635f61e
SHA1 ec9015fd2cd81d72fbd5574bf428bd9cf50e433c
SHA256 30ea181a66bd17233fe6e858e0f0ac1bb559c7795620b511eded7a09f2250c6b
ssdeep
3072:4KvLIUxfzutZdcufiHMlSPfyEPpUWDzX:RvsUxytZdcuKsoPf

authentihash 39efc656a97afdb0340b125b420f522802870ed1a5f5bd77b5ff8b50ac9f4314
imphash 0a1290151cc0735db49be8e25e6821b2
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-06-22 06:07:57 UTC ( 7 months, 4 weeks ago )
Last submission 2018-06-22 06:07:57 UTC ( 7 months, 4 weeks ago )
File names HWMonitor.exe
31029.exe
82126.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!