× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 339b9ebbdfff6b1f74846169862fcdc7bf6546d291a1e15259648f5d17e14501
File name: 339b9ebbdfff6b1f74846169862fcdc7bf6546d291a1e15259648f5d17e14501
Detection ratio: 35 / 63
Analysis date: 2018-07-05 06:44:19 UTC ( 7 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.351823 20180705
AhnLab-V3 Trojan/Win32.Emotet.R230398 20180705
ALYac Gen:Variant.Razy.351823 20180705
Arcabit Trojan.Razy.D55E4F 20180705
AVG FileRepMalware 20180705
AVware Trojan.Win32.Generic!BT 20180705
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180705
BitDefender Gen:Variant.Razy.351823 20180705
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.6b2b42 20180225
Cyren W32/Emotet.CQ.gen!Eldorado 20180705
DrWeb Trojan.EmotetENT.246 20180705
Emsisoft Trojan.Emotet (A) 20180705
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/Kryptik.GIAJ 20180705
F-Prot W32/Emotet.CQ.gen!Eldorado 20180705
F-Secure Gen:Variant.Razy.351823 20180705
Fortinet W32/Kryptik.GHOF!tr 20180705
GData Win32.Trojan-Spy.Emotet.RV 20180705
Kaspersky Trojan-Banker.Win32.Emotet.athf 20180705
Malwarebytes Trojan.Emotet 20180705
MAX malware (ai score=81) 20180705
McAfee Artemis!B0EA39C8E5F0 20180705
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.ch 20180705
Microsoft Trojan:Win32/Emotet.AC!bit 20180705
eScan Gen:Variant.Razy.351823 20180705
Panda Trj/GdSda.A 20180704
Qihoo-360 HEUR/QVM20.1.4B90.Malware.Gen 20180705
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/EncPk-ANX 20180705
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20180704
Symantec ML.Attribute.HighConfidence 20180705
VBA32 Malware-Cryptor.Limpopo 20180704
VIPRE Trojan.Win32.Generic!BT 20180705
Webroot W32.Trojan.Emotet 20180705
AegisLab 20180705
Antiy-AVL 20180705
Avast 20180705
Avast-Mobile 20180705
Avira (no cloud) 20180704
Babable 20180406
Bkav 20180704
CAT-QuickHeal 20180704
ClamAV 20180704
CMC 20180704
Comodo 20180705
eGambit 20180705
Ikarus 20180704
Sophos ML 20180601
Jiangmin 20180705
K7AntiVirus 20180705
K7GW 20180705
Kingsoft 20180705
NANO-Antivirus 20180705
Palo Alto Networks (Known Signatures) 20180705
TACHYON 20180705
Tencent 20180705
TheHacker 20180628
TotalDefense 20180705
Trustlook 20180705
ViRobot 20180705
Yandex 20180704
Zillya 20180704
Zoner 20180704
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c)2008-2018 CPUID. All rights reserved.

Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-21 19:21:37
Entry Point 0x000014C7
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
ReadEventLogA
GetPrivateObjectSecurity
LocalReAlloc
FreeUserPhysicalPages
InitializeCriticalSection
UnregisterApplicationRecoveryCallback
GetCommProperties
CloseHandle
GetSystemTimeAsFileTime
QueueUserWorkItem
GetHandleInformation
GetLogicalProcessorInformation
MprInfoBlockRemove
UrlUnescapeW
DdeImpersonateClient
GetMessagePos
CountClipboardFormats
GetMenuInfo
CharNextA
IsZoomed
keybd_event
GetSystemMenu
SetSystemCursor
GetScrollBarInfo
GetSysColor
ArrangeIconicWindows
MonitorFromRect
fsetpos
CreateBindCtx
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:06:21 20:21:37+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
0.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

EntryPoint
0x14c7

InitializedDataSize
65536

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 b0ea39c8e5f00af0849d6493d82eb92b
SHA1 60fe6e76b2b42f8bb20fa153aace2563ace23f6b
SHA256 339b9ebbdfff6b1f74846169862fcdc7bf6546d291a1e15259648f5d17e14501
ssdeep
3072:SoE4cUBFXJkVsWqBjS4L4GmDjq3YdT3kdTPfyEPpUWDzX:SqcUBFXk6jS4cGmDjq3YdjqTPf

authentihash 4eef90fec587923ff9095a43a94895f4ba39c64a3b3c5f0fceea531bd8fa6e8e
imphash 714af71e96b11b026b0cfddc73c40dad
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-05 06:44:19 UTC ( 7 months, 2 weeks ago )
Last submission 2018-10-25 19:48:37 UTC ( 3 months, 3 weeks ago )
File names HWMonitor.exe
b0ea39c8e5f00af0849d6493d82eb92b.vir
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!