SHA256: 3af9dbc95936f8d7ddf5076c84b66d4c35782ece3afbdd9f951cc9a5b30043b7
File name: FC370FEA.exe
Detection ratio: 38 / 68
Analysis date: 2018-10-19 01:10:55 UTC ( 4 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Ser.Razy.709 20181019
ALYac Gen:Variant.Ser.Razy.709 20181018
Antiy-AVL Trojan/Win32.Azden 20181019
Arcabit Trojan.Ser.Razy.709 20181018
Avast Win32:Malware-gen 20181019
AVG Win32:Malware-gen 20181019
BitDefender Gen:Variant.Ser.Razy.709 20181019
CAT-QuickHeal Trojan.Emotet.X4 20181018
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181019
Emsisoft Gen:Variant.Ser.Razy.709 (B) 20181019
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLTP 20181018
F-Secure Gen:Variant.Ser.Razy.709 20181018
Fortinet W32/GenKryptik.COGQ!tr 20181018
GData Gen:Variant.Ser.Razy.709 20181019
Ikarus Trojan-Banker.Emotet 20181018
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053f23b1 ) 20181018
K7GW Trojan ( 0053f23b1 ) 20181018
Kaspersky Trojan-Banker.Win32.Emotet.bizu 20181018
Malwarebytes Trojan.Emotet 20181019
MAX malware (ai score=87) 20181019
McAfee Artemis!5A0425B48A4A 20181018
McAfee-GW-Edition Artemis 20181018
Microsoft Trojan:Win32/Occamy.C 20181019
eScan Gen:Variant.Ser.Razy.709 20181018
Palo Alto Networks (Known Signatures) generic.ml 20181019
Panda Trj/Genetic.gen 20181018
Qihoo-360 HEUR/QVM20.1.944D.Malware.Gen 20181019
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20181018
Sophos AV Mal/Generic-S 20181018
Symantec Trojan.Emotet 20181018
TrendMicro TrojanSpy.Win32.EMOTET.SMITHAL10 20181018
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMITHAL10 20181018
VBA32 BScope.TrojanBanker.Emotet 20181018
Webroot W32.Trojan.Emotet 20181019
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bizu 20181018
AegisLab 20181018
AhnLab-V3 20181018
Alibaba 20180921
Avast-Mobile 20181018
Avira (no cloud) 20181019
Babable 20180918
Baidu 20181018
Bkav 20181018
ClamAV 20181018
CMC 20181018
Cybereason 20180225
Cyren 20181019
DrWeb 20181019
eGambit 20181019
F-Prot 20181019
Jiangmin 20181018
Kingsoft 20181019
NANO-Antivirus 20181019
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181015
Symantec Mobile Insight 20181001
TACHYON 20181018
Tencent 20181019
TheHacker 20181018
TotalDefense 20181018
Trustlook 20181019
VIPRE 20181018
ViRobot 20181018
Yandex 20181018
Zillya 20181018
Zoner 20181018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1998-2005 Hauppauge Computer Works

Product HCWTVWND
Original name HCWTVWND.dll
Internal name HCWTVWND
File version 3, 01, 24111 PCI-USB DVBT/S PVR
Description HCWTVWND PCI-USB DVBT/S PVR
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-17 06:00:30
Entry Point 0x000020AB
Number of sections 6
PE sections
PE imports
SetSecurityDescriptorControl
FillRgn
GetTickCount64
SetThreadPriority
IsProcessInJob
Wow64SetThreadContext
GetModuleHandleW
GetCurrentThread
UnhookWinEvent
GetNextDlgTabItem
UnpackDDElParam
GetFocus
IsZoomed
rand
strlen
MonikerRelativePathTo
CoRegisterClassObject
Number of PE resources by type
RT_DIALOG 3
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
PE resources
ExifTool file metadata
UninitializedDataSize
4294967295

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.1.24111.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
HCWTVWND PCI-USB DVBT/S PVR

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
462848

EntryPoint
0x20ab

OriginalFileName
HCWTVWND.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1998-2005 Hauppauge Computer Works

FileVersion
3, 01, 24111 PCI-USB DVBT/S PVR

TimeStamp
2018:10:17 08:00:30+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
HCWTVWND

ProductVersion
3, 01, 24111 PCI-USB DVBT/S PVR

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Hauppauge Computer Works

CodeSize
9216

ProductName
HCWTVWND

ProductVersionNumber
3.1.24111.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 5a0425b48a4a59bc4faab6e3d64f231f
SHA1 5c82efb515ae01ece29966c5dcf981c83e812bd6
SHA256 3af9dbc95936f8d7ddf5076c84b66d4c35782ece3afbdd9f951cc9a5b30043b7
ssdeep
1536:Be+3bFWoPBo0BAaYXqx2Vj36MfG8/CGfv2rUcOyJILX8OaYVU8NK9ABnqT:Be+rFWoZo0SHXqI5P+9zA8CVU8U9ABqT

authentihash 08b86a68c505ce79fbc4130bb819882c5cde46f1fa8caef2eb07aa209701b0c6
imphash 9b36c3724d806c3a4444be51292b6d21
File size 456.5 KB ( 467456 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-17 19:25:38 UTC ( 4 months ago )
Last submission 2018-10-17 19:25:38 UTC ( 4 months ago )
File names HCWTVWND
FC370FEA.exe
HCWTVWND.dll