SHA256: 36aecd728def7150bdeac6d1786311c17561249be8fe8250b394a39086153f9f
File name: 36aecd728def7150bdeac6d1786311c17561249be8fe8250b394a39086153f9f
Detection ratio: 34 / 68
Analysis date: 2018-11-04 13:14:33 UTC (2 months, 2 weeks ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40674731 20181104
ALYac Trojan.GenericKD.40674731 20181104
Arcabit Trojan.Generic.D26CA5AB 20181104
AVG FileRepMalware 20181104
BitDefender Trojan.GenericKD.40674731 20181104
Bkav HW32.Packed. 20181102
Comodo UnclassifiedMalware 20181104
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.77976a 20180225
Cylance Unsafe 20181104
Emsisoft Trojan.GenericKD.40674731 (B) 20181104
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CPWH 20181104
F-Secure Trojan.GenericKD.40674731 20181104
Fortinet W32/GenKryptik.CPWH!tr 20181104
GData Trojan.GenericKD.40674731 20181104
Ikarus Trojan.Win32.Krypt 20181104
Sophos ML heuristic 20180717
K7GW Trojan ( 005403fb1 ) 20181104
Kaspersky Trojan-Banker.Win32.Emotet.bnsz 20181104
Malwarebytes Trojan.Emotet 20181104
McAfee RDN/Generic.grp 20181104
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181104
Microsoft Trojan:Win32/Emotet.AC!bit 20181104
eScan Trojan.GenericKD.40674731 20181104
NANO-Antivirus Virus.Win32.Gen.ccmw 20181104
Palo Alto Networks (Known Signatures) generic.ml 20181104
Qihoo-360 Win32/Trojan.88c 20181104
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20181104
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/Generic-S 20181104
Symantec Trojan.Emotet 20181103
Webroot W32.Trojan.Emotet 20181104
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bnsz 20181104
AegisLab 20181104
AhnLab-V3 20181104
Alibaba 20180921
Antiy-AVL 20181104
Avast 20181104
Avast-Mobile 20181104
Avira (no cloud) 20181104
Babable 20180918
Baidu 20181102
CAT-QuickHeal 20181104
ClamAV 20181104
CMC 20181104
Cyren 20181104
DrWeb 20181104
eGambit 20181104
F-Prot 20181104
Jiangmin 20181104
K7AntiVirus 20181104
Kingsoft 20181104
MAX 20181104
Panda 20181104
SUPERAntiSpyware 20181031
Symantec Mobile Insight 20181030
TACHYON 20181104
Tencent 20181104
TheHacker 20181104
TotalDefense 20181104
TrendMicro 20181104
TrendMicro-HouseCall 20181104
Trustlook 20181104
VBA32 20181102
ViRobot 20181104
Yandex 20181102
Zillya 20181102
Zoner 20181104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 2001
Product Sola Plug-in
Original name NPJava13.dll
Internal name Aban Plug-in
File version 1, 4, 2, 50
Description Aban Plug-in 1.4.2_05 for Netscape Navigator (DLL Helper)
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-02 23:30:50
Entry Point 0x000015F4
Number of sections 6
PE sections
PE imports
CryptDeriveKey
SetSecurityDescriptorOwner
RegOpenKeyA
StartServiceCtrlDispatcherA
CryptDuplicateHash
QueryServiceStatusEx
CM_Get_Sibling_Ex
CommDlgExtendedError
CertVerifyValidityNesting
CryptInstallOIDFunctionAddress
JetCloseDatabase
SetBkColor
GetCurrentObject
CreateFontA
SetColorSpace
SetPixelFormat
ImmGetGuideLineW
LocaleNameToLCID
lstrcpynW
FreeConsole
ResumeThread
Process32FirstW
WideCharToMultiByte
WriteConsoleInputA
SetConsoleMode
GetTapeStatus
GetProcessPriorityBoost
SignalObjectAndWait
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCommandLineA
BackupRead
GetDynamicTimeZoneInformation
GlobalAlloc
WriteConsoleOutputW
SetFileBandwidthReservation
MprAdminInterfaceTransportRemove
MprAdminTransportGetInfo
DsFreeNameResultW
VarBstrFromUI4
SafeArrayPutElement
VARIANT_UserMarshal
NdrPointerBufferSize
RpcNetworkIsProtseqValidW
NDRCContextBinding
NdrUserMarshalBufferSize
RpcServerListen
RpcServerRegisterAuthInfoW
RpcStringFreeW
RpcIfInqId
SetupFindNextLine
ColorRGBToHLS
AssocQueryStringA
PathStripToRootA
HashData
PathIsPrefixW
PathFileExistsA
IsWindowEnabled
SystemParametersInfoA
WaitMessage
DefRawInputProc
SetWindowRgn
GetMenu
GetListBoxInfo
GetLastActivePopup
IsCharLowerA
DrawIcon
GetWindowTextLengthW
GetCursorPos
RealChildWindowFromPoint
InsertMenuW
CheckMenuItem
GetWindowTextA
UnhookWinEvent
UnionRect
CharUpperA
CallNextHookEx
CryptSIPRemoveSignedDataMsg
CryptCATPersistStore
PropVariantClear
PdhBrowseCountersW
Number of PE resources by type
RT_DIALOG 20
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
131072

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Aban Plug-in 1.4.2_05 for Netscape Navigator (DLL Helper)

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
12.0

EntryPoint
0x15f4

OriginalFileName
NPJava13.dll

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Copyright (c) 2001

FileExtents
|||||

FileOpenName
Aban Applet|JavaBeans|Sola Applet|SolaBeans|Sola Applet|SolaBeans

FileVersion
1, 4, 2, 50

TimeStamp
2018:11:02 16:30:50-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
Aban Plug-in

ProductVersion
1, 4, 2, 50

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AbanSoft / Sun Microsystems, Inc.

CodeSize
8192

ProductName
Sola Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 9f36e1577976ad3bf298e30b0fe0baa2
SHA1 39bfab2a630ae696e27f7a5c3b24fc352dd63c3c
SHA256 36aecd728def7150bdeac6d1786311c17561249be8fe8250b394a39086153f9f
ssdeep
3072:OhJU4jKBPiKjGpjzQ5fmzEPbgGmEd0HIYIqED:Oxj2iKCpjEVmzSbbiHIYIl

authentihash 5b282528c673bd2b65947434fcf2756a14423050b2ccaaefbfc72e490e7c9b56
imphash 934409cbd21dc60ec0b6fc5b8b131e9a
File size 144.0 KB ( 147456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-02 16:38:54 UTC ( 2 months, 2 weeks ago )
Last submission 2018-11-03 04:46:40 UTC ( 2 months, 2 weeks ago )
File names NPJava13.dll
Aban Plug-in
92A3686E.exe
Advanced heuristic and reputation engines