× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 32961129f33182b4bf17dfb95a735b91224b53f809d0fa82961fcfb8164094f2
File name: output.115170705.txt
Detection ratio: 14 / 70
Analysis date: 2019-02-08 02:52:19 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Acronis suspicious 20190130
AVG FileRepMalware 20190208
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cylance Unsafe 20190208
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
Microsoft Trojan:Win32/Emotet.AC!bit 20190208
Palo Alto Networks (Known Signatures) generic.ml 20190208
Qihoo-360 HEUR/QVM19.1.14DB.Malware.Gen 20190208
Rising Trojan.GenKryptik!8.AA55 (TFE:dGZlOgQ0w71XKlJU7Q) 20190208
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Mal/Emotet-Q 20190208
Symantec Packed.Generic.517 20190207
Trapmine malicious.moderate.ml.score 20190123
Ad-Aware 20190208
AegisLab 20190208
AhnLab-V3 20190208
Alibaba 20180921
ALYac 20190208
Antiy-AVL 20190208
Arcabit 20190208
Avast 20190208
Avast-Mobile 20190207
Avira (no cloud) 20190207
Babable 20180918
Baidu 20190202
BitDefender 20190208
Bkav 20190201
CAT-QuickHeal 20190206
ClamAV 20190207
CMC 20190207
Comodo 20190208
Cybereason 20190109
Cyren 20190208
DrWeb 20190208
eGambit 20190208
Emsisoft 20190208
ESET-NOD32 20190208
F-Prot 20190208
F-Secure 20190208
Fortinet 20190208
GData 20190208
Ikarus 20190207
Jiangmin 20190207
K7AntiVirus 20190208
K7GW 20190207
Kaspersky 20190208
Kingsoft 20190208
Malwarebytes 20190208
MAX 20190208
McAfee 20190208
McAfee-GW-Edition 20190207
eScan 20190208
NANO-Antivirus 20190208
Panda 20190207
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190208
Tencent 20190208
TheHacker 20190203
TotalDefense 20190206
TrendMicro 20190207
TrendMicro-HouseCall 20190208
Trustlook 20190208
VBA32 20190207
ViRobot 20190207
Webroot 20190208
Yandex 20190206
Zillya 20190207
ZoneAlarm by Check Point 20190208
Zoner 20190208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright Netscape Communications. 1994, 1995

Product NETSCAPE
Original name PR3221.DLL
Internal name PR3221
File version 4.5.1.48
Description Netscape 32-bit Portable Runtime
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-08 10:41:49
Entry Point 0x0000E900
Number of sections 5
PE sections
PE imports
GdiFlush
FindAtomW
GetAtomNameA
IsSystemResumeAutomatic
GetModuleHandleW
GetDateFormatEx
GetCursor
DrawFrameControl
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Netscape, Mozilla

SubsystemVersion
5.0

InitializedDataSize
303104

ImageVersion
0.0

ProductName
NETSCAPE

FileVersionNumber
4.5.1.48

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit, System file

CharacterSet
Windows, Latin1

LinkerVersion
12.0

FileTypeExtension
exe

OriginalFileName
PR3221.DLL

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
4.5.1.48

TimeStamp
2019:02:08 10:41:49+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
PR3221

ProductVersion
4.05

FileDescription
Netscape 32-bit Portable Runtime

OSVersion
5.0

FileOS
Windows 32-bit

LegalCopyright
Copyright Netscape Communications. 1994, 1995

MachineType
Intel 386 or later, and compatibles

CompanyName
Netscape Communications Corporation

CodeSize
61952

FileSubtype
0

ProductVersionNumber
4.5.1.48

EntryPoint
0xe900

ObjectFileType
Dynamic link library

File identification
MD5 e3a74699d7d163fc853d9cdc438eb864
SHA1 ffb4534b7d0d11940d46a8410e9ff0a873687438
SHA256 32961129f33182b4bf17dfb95a735b91224b53f809d0fa82961fcfb8164094f2
ssdeep
3072:2KUrbPvh/NAusbmAlQaTUEMBUb3Cd7GA73ixo+uJmh4i8yWIq7Dkx+oR3QjKbEW:KkiKo+7h8yWIf+ab

authentihash 187a5747af0304ccc44534dfe4113c511dd15e67ed57a72f9d2d764cdc4503e4
imphash c7902b28d48bb61343d23cd1414b92b2
File size 349.5 KB ( 357888 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2019-02-08 02:46:26 UTC ( 1 month, 1 week ago )
Last submission 2019-02-08 03:26:58 UTC ( 1 month, 1 week ago )
File names PR3221
KrzwLLr.exe
PR3221.DLL
output.115170705.txt
emotet_e1_32961129f33182b4bf17dfb95a735b91224b53f809d0fa82961fcfb8164094f2_2019-02-08__025002.exe_
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!