SHA256: 36416ed32c61e58b4f7ffe318308c336e4acd7681a808533d3a65014edf29c9b
File name: 36416ed32c61e58b4f7ffe318308c336e4acd7681a808533d3a65014edf29c9b
Detection ratio: 54 / 71
Analysis date: 2019-01-04 11:47:48 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40641662 20190104
AhnLab-V3 Trojan/Win32.Emotet.R234758 20190104
ALYac Trojan.GenericKD.40641662 20190104
Antiy-AVL Trojan[Banker]/Win32.Emotet 20190104
Arcabit Trojan.Generic.D26C247E 20190104
Avast Win32:BankerX-gen [Trj] 20190104
AVG Win32:BankerX-gen [Trj] 20190104
Avira (no cloud) TR/Emotet.fsq 20190104
BitDefender Trojan.GenericKD.40641662 20190104
CAT-QuickHeal Trojan.IGENERIC 20190103
ClamAV Win.Trojan.Emotet-6707392-0 20190104
Comodo Malware@#28achi68w9yyy 20190104
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.899971 20180225
Cylance Unsafe 20190104
Cyren W32/Trojan.YDAP-1898 20190104
Emsisoft Trojan.GenericKD.40641662 (B) 20190104
Endgame malicious (high confidence) 20181108
ESET-NOD32 Win32/Emotet.BR 20190104
F-Prot W32/Emotet.WY 20190104
Fortinet W32/Emotet.BR!tr 20190104
GData Win32.Trojan-Spy.Emotet.R3NVIY 20190104
Ikarus Trojan-Banker.Emotet 20190104
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053bc121 ) 20190104
K7GW Trojan ( 0053bc121 ) 20190104
Kaspersky Trojan-Banker.Win32.Emotet.bkdk 20190104
Malwarebytes Trojan.Emotet 20190104
MAX malware (ai score=94) 20190104
McAfee Generic.cmq 20190104
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190104
Microsoft Trojan:Win32/Emotet.AC!bit 20190104
eScan Trojan.GenericKD.40641662 20190104
NANO-Antivirus Trojan.Win32.Emotet.fjpetc 20190104
Palo Alto Networks (Known Signatures) generic.ml 20190104
Panda Trj/WLT.D 20190103
Qihoo-360 Win32/Trojan.83f 20190104
Rising Trojan.Win32.Generic.1A0BE7F0 (RDM+:cmRtazr4CAD6g6p62OusTNR/H+HF) 20190104
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Troj/Emotet-AHW 20190104
Symantec Packed.Generic.517 20190104
TACHYON Banker/W32.Emotet.151552.D 20190104
Tencent Win32.Trojan-banker.Emotet.Lndz 20190104
TheHacker Trojan/Emotet.br 20181230
Trapmine malicious.high.ml.score 20190103
TrendMicro TROJ_FRS.VSN18J18 20190104
TrendMicro-HouseCall TROJ_FRS.VSN18J18 20190104
VBA32 BScope.TrojanBanker.Emotet 20190104
VIPRE Win32.Malware!Drop 20190104
Webroot W32.Trojan.Emotet 20190104
Yandex Trojan.PWS.Emotet! 20181229
Zillya Trojan.Emotet.Win32.7297 20190103
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bkdk 20190104
Zoner Trojan.Emotet 20190104
Acronis 20181227
AegisLab 20190104
Alibaba 20180921
Avast-Mobile 20190103
Babable 20180918
Baidu 20190104
Bkav 20190103
CMC 20190103
DrWeb 20190104
eGambit 20190104
F-Secure 20190104
Jiangmin 20190104
Kingsoft 20190104
SUPERAntiSpyware 20190102
TotalDefense 20190104
Trustlook 20190104
ViRobot 20190104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2001
Product Java Plug-in
Original name NPJava13.dll
Internal name Java Plug-in
File version 1, 4, 2, 50
Description Java Plug-in 1.4.2_05 for Netscape Navigator (DLL Helper)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-23 13:16:14
Entry Point 0x00001552
Number of sections 9
PE sections
PE imports
SetBkMode
GetTextExtentPoint32W
GetRasterizerCaps
LocalHandle
GetNativeSystemInfo
WriteProfileSectionA
GetConsoleCursorInfo
GetDateFormatA
FindResourceW
GetExitCodeThread
GetTapeStatus
GetCommandLineA
GlobalGetAtomNameA
GetThreadUILanguage
GetCurrentThreadId
SetThreadIdealProcessor
AddRefActCtx
GlobalLock
SetupSetPlatformPathOverrideW
LoadKeyboardLayoutA
SoundSentry
UnhookWinEvent
AppendMenuA
GetClassLongW
GetThreadDesktop
OffsetRect
LoadKeyboardLayoutW
GetCapture
LookupIconIdFromDirectoryEx
GetMessageTime
OpenInputDesktop
ModifyMenuA
GetClipboardSequenceNumber
GetClipboardData
strcmp
Number of PE resources by type
RT_DIALOG 20
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 139264
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.4.2.50
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Java Plug-in 1.4.2_05 for Netscape Navigator (DLL Helper)
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Latin1
LinkerVersion 11.0
EntryPoint 0x1552
OriginalFileName NPJava13.dll
MIMEType application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1
LegalCopyright Copyright (c) 2001
FileExtents |||||
FileOpenName Java Applet|JavaBeans|Java Applet|JavaBeans|Java Applet|JavaBeans
FileVersion 1, 4, 2, 50
TimeStamp 2018:10:23 15:16:14+02:00
FileType Win32 EXE
PEType PE32
InternalName Java Plug-in
ProductVersion 1, 4, 2, 50
SubsystemVersion 5.1
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName JavaSoft / Sun Microsystems, Inc.
CodeSize 8192
ProductName Java Plug-in
ProductVersionNumber 1.4.2.50
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 ae1342089997181fad739b6e46a5b388
SHA1 27d6448448dad6628609950767454a259020579e
SHA256 36416ed32c61e58b4f7ffe318308c336e4acd7681a808533d3a65014edf29c9b
ssdeep 3072:nC4LjXxGq+UQsl4WQtvKvvabkvyjPqY3w:n5jXxGHqPvyXp3
authentihash 2e9c9b68b8f2c6ab4c8ba01432b8468ec3009a5d70b7bea77526ae8c59e27951
imphash c966f18488a4c85452e9da106630e1a4
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-10-23 13:25:15 UTC ( 3 months, 3 weeks ago )
Last submission 2019-01-24 08:14:22 UTC ( 3 weeks, 2 days ago )
File names NPJava13.dll
vuVgBEoeOCjocK8Iw.exe
Java Plug-in
ae1342089997181fad739b6e46a5b388
Advanced heuristic and reputation engines