× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3950cb9f0e3283fe2e8311c925edc428c73f6a014fa83e03c82586144532ede6
File name: DYNAMICLANES.EXE
Detection ratio: 47 / 69
Analysis date: 2018-10-06 02:03:27 UTC ( 4 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Ser.Razy.581 20181006
AhnLab-V3 Trojan/Win32.Emotet.R238448 20181005
ALYac Gen:Variant.Ser.Razy.581 20181005
Antiy-AVL Trojan/Win32.Fuerboos 20181005
Arcabit Trojan.Ser.Razy.581 20181006
Avast Win32:Malware-gen 20181006
AVG Win32:Malware-gen 20181006
Avira (no cloud) HEUR/AGEN.1024082 20181005
BitDefender Gen:Variant.Ser.Razy.581 20181006
Bkav HW32.Packed. 20181005
CAT-QuickHeal Trojan.Emotet.X4 20181005
Comodo Heur.Packed.Unknown 20181006
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181006
Cyren W32/Trojan.FLHS-7478 20181006
Emsisoft Gen:Variant.Ser.Razy.581 (B) 20181006
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLGL 20181005
F-Prot W32/Emotet.HA.gen!Eldorado 20181006
F-Secure Gen:Variant.Ser.Razy.581 20181006
Fortinet W32/Kryptik.GLGL!tr 20181005
GData Gen:Variant.Ser.Razy.581 20181006
Ikarus Trojan.Win32.Crypt 20181005
Sophos ML heuristic 20180717
K7AntiVirus Riskware ( 0040eff71 ) 20181005
K7GW Riskware ( 0040eff71 ) 20181005
Kaspersky Trojan-Banker.Win32.Emotet.bfyv 20181005
Malwarebytes Trojan.Emotet 20181005
MAX malware (ai score=100) 20181006
McAfee GenericRXGM-JB!3BB621DF726B 20181005
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20181005
Microsoft Trojan:Win32/Occamy.C 20181006
eScan Gen:Variant.Ser.Razy.581 20181006
NANO-Antivirus Trojan.Win32.Emotet.fiqwhx 20181005
Palo Alto Networks (Known Signatures) generic.ml 20181006
Panda Trj/CI.A 20181005
Qihoo-360 HEUR/QVM20.1.40C1.Malware.Gen 20181006
Rising Trojan.Emotet!8.B95 (CLOUD) 20181005
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/EncPk-ANR 20181005
Symantec ML.Attribute.HighConfidence 20181005
TACHYON Trojan/W32.Agent.106496.CXU 20181006
TrendMicro TROJ_GEN.R002C0RJ218 20181006
TrendMicro-HouseCall TROJ_GEN.R002C0RJ218 20181006
VBA32 Malware-Cryptor.Limpopo 20181005
Webroot W32.Trojan.Emotet 20181006
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bfyv 20181006
AegisLab 20181006
Alibaba 20180921
Avast-Mobile 20181005
AVware 20180925
Babable 20180918
Baidu 20180930
ClamAV 20181005
CMC 20181005
Cybereason 20180225
DrWeb 20181006
eGambit 20181006
Jiangmin 20181006
Kingsoft 20181006
SUPERAntiSpyware 20181005
Symantec Mobile Insight 20181001
Tencent 20181006
TheHacker 20181001
TotalDefense 20181005
Trustlook 20181006
VIPRE 20181005
ViRobot 20181005
Yandex 20181005
Zillya 20181005
Zoner 20181005
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-01 18:30:13
Entry Point 0x00018115
Number of sections 4
PE sections
PE imports
QueryUsersOnEncryptedFile
CryptStringToBinaryA
GetTextExtentExPointI
GetSystemPaletteEntries
GetSystemTimes
GetModuleHandleA
FlushFileBuffers
SetFileBandwidthReservation
GetCommandLineA
SysAllocStringByteLen
BeginDeferWindowPos
GetProcessWindowStation
GetScrollPos
GetUrlCacheEntryInfoExA
OpenPrinterW
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2018:10:01 20:30:13+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
99840

LinkerVersion
12.0

ImageFileCharacteristics
No relocs, Executable, 32-bit

Warning
Possibly corrupt Version resource

EntryPoint
0x18115

InitializedDataSize
1454080

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.2

UninitializedDataSize
4294967295

File identification
MD5 3bb621df726b21d1af62a1c006e18646
SHA1 aa579af94270b993b18490a6edd3c84a5428612b
SHA256 3950cb9f0e3283fe2e8311c925edc428c73f6a014fa83e03c82586144532ede6
ssdeep
3072:21GIN7KExGOLm41N7NYIND21R5FBqfz4fIPzv2:2QyuqGOq41N6I05BIP7

authentihash 3252cdb32f3e71169f3f05ad3ae8ef026d77fbe8b8ddec546074220aa0f90f09
imphash 2fc939395c6d27e179dfc6a152342fea
File size 104.0 KB ( 106496 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-02 06:08:05 UTC ( 4 months, 2 weeks ago )
Last submission 2018-10-02 06:08:05 UTC ( 4 months, 2 weeks ago )
File names DYNAMICLANES.EXE
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!