× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: 36416ed32c61e58b4f7ffe318308c336e4acd7681a808533d3a65014edf29c9b
File name: 36416ed32c61e58b4f7ffe318308c336e4acd7681a808533d3a65014edf29c9b
Detection ratio: 54 / 71
Analysis date: 2019-01-04 11:47:48 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40641662 20190104
AhnLab-V3 Trojan/Win32.Emotet.R234758 20190104
ALYac Trojan.GenericKD.40641662 20190104
Antiy-AVL Trojan[Banker]/Win32.Emotet 20190104
Arcabit Trojan.Generic.D26C247E 20190104
Avast Win32:BankerX-gen [Trj] 20190104
AVG Win32:BankerX-gen [Trj] 20190104
Avira (no cloud) TR/Emotet.fsq 20190104
BitDefender Trojan.GenericKD.40641662 20190104
CAT-QuickHeal Trojan.IGENERIC 20190103
ClamAV Win.Trojan.Emotet-6707392-0 20190104
Comodo Malware@#28achi68w9yyy 20190104
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.899971 20180225
Cylance Unsafe 20190104
Cyren W32/Trojan.YDAP-1898 20190104
Emsisoft Trojan.GenericKD.40641662 (B) 20190104
Endgame malicious (high confidence) 20181108
ESET-NOD32 Win32/Emotet.BR 20190104
F-Prot W32/Emotet.WY 20190104
Fortinet W32/Emotet.BR!tr 20190104
GData Win32.Trojan-Spy.Emotet.R3NVIY 20190104
Ikarus Trojan-Banker.Emotet 20190104
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053bc121 ) 20190104
K7GW Trojan ( 0053bc121 ) 20190104
Kaspersky Trojan-Banker.Win32.Emotet.bkdk 20190104
Malwarebytes Trojan.Emotet 20190104
MAX malware (ai score=94) 20190104
McAfee Generic.cmq 20190104
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190104
Microsoft Trojan:Win32/Emotet.AC!bit 20190104
eScan Trojan.GenericKD.40641662 20190104
NANO-Antivirus Trojan.Win32.Emotet.fjpetc 20190104
Palo Alto Networks (Known Signatures) generic.ml 20190104
Panda Trj/WLT.D 20190103
Qihoo-360 Win32/Trojan.83f 20190104
Rising Trojan.Win32.Generic.1A0BE7F0 (RDM+:cmRtazr4CAD6g6p62OusTNR/H+HF) 20190104
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Troj/Emotet-AHW 20190104
Symantec Packed.Generic.517 20190104
TACHYON Banker/W32.Emotet.151552.D 20190104
Tencent Win32.Trojan-banker.Emotet.Lndz 20190104
TheHacker Trojan/Emotet.br 20181230
Trapmine malicious.high.ml.score 20190103
TrendMicro TROJ_FRS.VSN18J18 20190104
TrendMicro-HouseCall TROJ_FRS.VSN18J18 20190104
VBA32 BScope.TrojanBanker.Emotet 20190104
VIPRE Win32.Malware!Drop 20190104
Webroot W32.Trojan.Emotet 20190104
Yandex Trojan.PWS.Emotet! 20181229
Zillya Trojan.Emotet.Win32.7297 20190103
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bkdk 20190104
Zoner Trojan.Emotet 20190104
Acronis 20181227
AegisLab 20190104
Alibaba 20180921
Avast-Mobile 20190103
Babable 20180918
Baidu 20190104
Bkav 20190103
CMC 20190103
DrWeb 20190104
eGambit 20190104
F-Secure 20190104
Jiangmin 20190104
Kingsoft 20190104
SUPERAntiSpyware 20190102
TotalDefense 20190104
Trustlook 20190104
ViRobot 20190104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2001

Product Java Plug-in
Original name NPJava13.dll
Internal name Java Plug-in
File version 1, 4, 2, 50
Description Java Plug-in 1.4.2_05 for Netscape Navigator (DLL Helper)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-23 13:16:14
Entry Point 0x00001552
Number of sections 9
PE sections
PE imports
[+] GDI32.dll
SetBkMode
GetTextExtentPoint32W
GetRasterizerCaps
[+] KERNEL32.dll
LocalHandle
GetNativeSystemInfo
WriteProfileSectionA
GetConsoleCursorInfo
GetDateFormatA
FindResourceW
GetExitCodeThread
GetTapeStatus
GetCommandLineA
GlobalGetAtomNameA
GetThreadUILanguage
GetCurrentThreadId
SetThreadIdealProcessor
AddRefActCtx
GlobalLock
[+] SETUPAPI.dll
SetupSetPlatformPathOverrideW
[+] USER32.dll
LoadKeyboardLayoutA
SoundSentry
UnhookWinEvent
AppendMenuA
GetClassLongW
GetThreadDesktop
OffsetRect
LoadKeyboardLayoutW
GetCapture
LookupIconIdFromDirectoryEx
GetMessageTime
OpenInputDesktop
ModifyMenuA
GetClipboardSequenceNumber
GetClipboardData
[+] ntdll.dll
strcmp
Number of PE resources by type
RT_DIALOG 20
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
139264

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Java Plug-in 1.4.2_05 for Netscape Navigator (DLL Helper)

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
11.0

EntryPoint
0x1552

OriginalFileName
NPJava13.dll

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Copyright (c) 2001

FileExtents
|||||

FileOpenName
Java Applet|JavaBeans|Java Applet|JavaBeans|Java Applet|JavaBeans

FileVersion
1, 4, 2, 50

TimeStamp
2018:10:23 15:16:14+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Java Plug-in

ProductVersion
1, 4, 2, 50

SubsystemVersion
5.1

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
JavaSoft / Sun Microsystems, Inc.

CodeSize
8192

ProductName
Java Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 ae1342089997181fad739b6e46a5b388
SHA1 27d6448448dad6628609950767454a259020579e
SHA256 36416ed32c61e58b4f7ffe318308c336e4acd7681a808533d3a65014edf29c9b
ssdeep
3072:nC4LjXxGq+UQsl4WQtvKvvabkvyjPqY3w:n5jXxGHqPvyXp3

authentihash 2e9c9b68b8f2c6ab4c8ba01432b8468ec3009a5d70b7bea77526ae8c59e27951
imphash c966f18488a4c85452e9da106630e1a4
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-23 13:25:15 UTC ( 3 months, 3 weeks ago )
Last submission 2019-01-24 08:14:22 UTC ( 3 weeks, 2 days ago )
File names NPJava13.dll
vuVgBEoeOCjocK8Iw.exe
Java Plug-in
ae1342089997181fad739b6e46a5b388
Advanced heuristic and reputation engines
F-Secure Deepguard Suspicious:W32/Malware!Online
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes. No one has voted on this item yet, be the first one to do so!
More votes
Blog | Twitter | Contact us | ToS | Privacy policy