SHA256: 348088a8b914ec504bf3eef9028fa46f2ad205ca474c007a13db6004fda0dd8f
File name: animals.mp3.exe
Detection ratio: 8 / 55
Analysis date: 2016-10-26 10:30:08 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20161026
CAT-QuickHeal (Suspicious) - DNAScan 20161026
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20160725
Sophos ML generic.a 20161018
K7GW Trojan ( 700001211 ) 20161026
Kaspersky HEUR:Trojan.Win32.Generic 20161026
Qihoo-360 HEUR/QVM19.1.0000.Malware.Gen 20161026
Symantec Heur.AdvML.B 20161026
Ad-Aware 20161026
AegisLab 20161026
AhnLab-V3 20161026
Alibaba 20161026
ALYac 20161026
Antiy-AVL 20161026
Arcabit 20161026
Avast 20161026
AVG 20161026
Avira (no cloud) 20161026
AVware 20161026
BitDefender 20161026
Bkav 20161026
ClamAV 20161026
CMC 20161026
Comodo 20161026
Cyren 20161026
DrWeb 20161026
Emsisoft 20161026
ESET-NOD32 20161026
F-Prot 20161026
F-Secure 20161026
Fortinet 20161026
GData 20161026
Ikarus 20161026
Jiangmin 20161026
K7AntiVirus 20161025
Kingsoft 20161026
Malwarebytes 20161026
McAfee 20161026
McAfee-GW-Edition 20161026
Microsoft 20161026
eScan 20161026
NANO-Antivirus 20161026
nProtect 20161026
Panda 20161025
Rising 20161026
Sophos AV 20161026
SUPERAntiSpyware 20161026
Tencent 20161026
TheHacker 20161025
TrendMicro-HouseCall 20161026
VBA32 20161025
VIPRE 20161026
ViRobot 20161026
Yandex 20161025
Zillya 20161025
Zoner 20161026
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Internet Explorer
Original name MSHTMLED.DLL
Internal name MSHTMLED.DLL
File version 11.00.9600.18427 (winblue_ltsb_escrow.160801-1857)
Description Microsoft® HTML Editing Component
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1985-07-08 16:07:48
Entry Point 0x0001A0F0
Number of sections 18
PE sections
PE imports
CreateDIBPatternBrushPt
Toolhelp32ReadProcessMemory
FindVolumeClose
SetProcessShutdownParameters
VerLanguageNameW
LoadLibraryA
SetConsoleScreenBufferSize
FillConsoleOutputCharacterW
UpdateResourceA
CompareFileTime
CommConfigDialogW
GetDateFormatW
GetSystemDefaultLCID
GetLogicalDrives
GetProcAddress
GetThreadContext
EnumResourceTypesA
CreateMutexA
SetFilePointerEx
GetModuleHandleA
GetConsoleDisplayMode
MulDiv
ReleaseActCtx
GetDiskFreeSpaceA
TzSpecificLocalTimeToSystemTime
GlobalMemoryStatus
GetProcessAffinityMask
GetProcessHandleCount
FreeLibraryAndExitThread
VirtualProtectEx
LocalHandle
OpenEventA
GetNumberFormatW
ReadConsoleOutputA
MprInfoBlockAdd
VarBoolFromI1
ExtractAssociatedIconW
SHGetFileInfoW
DragQueryFileA
EndDialog
IsCharUpperW
ScreenToClient
atan
strtod
srand
fgetwc
mblen
wcscmp
sprintf
ungetc
strlen
GetErrorInfo
PdhLookupPerfNameByIndexW
URLDownloadToFileW
Number of PE resources by type
REGISTRY 3
TYPELIB 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 5
PE resources
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 2.0
ImageVersion 1.0
FileSubtype 0
FileVersionNumber 11.0.9600.18427
UninitializedDataSize 6144
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 0
EntryPoint 0x1a0f0
OriginalFileName MSHTMLED.DLL
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 11.00.9600.18427 (winblue_ltsb_escrow.160801-1857)
TimeStamp 1985:07:08 17:07:48+01:00
FileType Win32 EXE
PEType PE32
InternalName MSHTMLED.DLL
ProductVersion 11.00.9600.18427
FileDescription Microsoft HTML Editing Component
OSVersion 5.0
FileOS Windows NT 32-bit
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CodeSize 22528
ProductName Internet Explorer
ProductVersionNumber 11.0.9600.18427
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 3652a19be1303eb2b7f35927ff793356
SHA1 579be876819528b02f382ef91f203b48515625d4
SHA256 348088a8b914ec504bf3eef9028fa46f2ad205ca474c007a13db6004fda0dd8f
ssdeep 3072:JiMIjoxEE2KjQsvchZPY6iaiyIK7MIhr7eMPOUX:JHdxEE2wTgZQ6liyhMIhV
authentihash 8741440a9e3c4f9d5a9cdb5722f5a88023857e7c21b577e5fae7568bea73fafe
imphash e1cfe9327c5746a8b3505f5282d78b06
File size 107.8 KB ( 110400 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.8%)
Clipper DOS Executable (19.1%)
Generic Win/DOS Executable (19.0%)
DOS Executable Generic (18.9%)
Tags peexe

VirusTotal metadata
First submission 2016-10-26 10:30:08 UTC ( 2 years, 3 months ago )
Last submission 2016-12-17 01:03:26 UTC ( 2 years, 2 months ago )
File names animals.mp3
calc.exe
MSHTMLED.DLL
animals.mp3.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs
UDP communications