SHA256: 3c4df18e8fc2a72547419ed33d0fffa2a15b62e8cd122359f4390762080b6417
File name: 3c4df18e8fc2a72547419ed33d0fffa2a15b62e8cd122359f4390762080b6417
Detection ratio: 24 / 71
Analysis date: 2019-01-15 22:12:29 UTC (1 month, 1 week ago)
Antivirus Result Update
Acronis suspicious 20190111
Ad-Aware Gen:Variant.Razy.450402 20190115
ALYac Gen:Variant.Razy.450402 20190115
Arcabit Trojan.Razy.D6DF62 20190115
Avast FileRepMalware 20190115
AVG FileRepMalware 20190115
Avira (no cloud) TR/Crypt.ZPACK.Gen 20190115
BitDefender Gen:Variant.Razy.450402 20190115
Bkav HW32.Packed. 20190108
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cylance Unsafe 20190115
Emsisoft Gen:Variant.Razy.450402 (B) 20190114
Endgame malicious (high confidence) 20181108
GData Gen:Variant.Razy.450402 20190115
Sophos ML heuristic 20181128
MAX malware (ai score=82) 20190115
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190115
Microsoft Trojan:Win32/Emotet 20190114
eScan Gen:Variant.Razy.450402 20190114
Qihoo-360 HEUR/QVM20.1.926F.Malware.Gen 20190115
Rising Trojan.Emotet!8.B95/N3#97% (RDM+:cmRtazo3eGHvvbqDbv0nlOyWA+Fi) 20190115
SentinelOne (Static ML) static engine - malicious 20181223
Symantec ML.Attribute.HighConfidence 20190115
Trapmine malicious.high.ml.score 20190103
AegisLab 20190115
AhnLab-V3 20190114
Alibaba 20180921
Antiy-AVL 20190115
Avast-Mobile 20190115
Babable 20180918
Baidu 20190115
CAT-QuickHeal 20190114
ClamAV 20190115
CMC 20190114
Comodo 20190114
Cybereason 20190109
Cyren 20190115
DrWeb 20190114
eGambit 20190115
ESET-NOD32 20190114
F-Prot 20190115
F-Secure 20190114
Fortinet 20190114
Ikarus 20190115
Jiangmin 20190115
K7AntiVirus 20190115
K7GW 20190115
Kaspersky 20190115
Kingsoft 20190115
Malwarebytes 20190115
McAfee 20190115
NANO-Antivirus 20190114
Palo Alto Networks (Known Signatures) 20190115
Panda 20190114
Sophos AV 20190115
SUPERAntiSpyware 20190109
TACHYON 20190115
Tencent 20190115
TheHacker 20190115
TotalDefense 20190115
TrendMicro 20190115
TrendMicro-HouseCall 20190115
Trustlook 20190115
VBA32 20190115
VIPRE 20190115
ViRobot 20190115
Webroot 20190115
Yandex 20190111
Zillya 20190115
ZoneAlarm by Check Point 20190115
Zoner 20190115
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald. Copyright © 1998 Sebastian Wilhelmi. Modified by the GLib Team and others 1997-2000.

Product GLib
Original name libgthread-2.0-0.dll
Internal name libgthread-2.0-0
File version 2.4.2.0
Description GThread
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-06-18 00:54:48
Entry Point 0x00003AE0
Number of sections 10
PE sections
PE imports
PaintRgn
SetBitmapDimensionEx
GetLastError
TlsFree
ReadFile
GlobalAlloc
GetTickCount
IsProcessInJob
GetSystemTimeAsFileTime
GetCommandLineA
CancelSynchronousIo
GetTapeStatus
VarCyFromI1
I_RpcServerSetAddressChangeFn
GetCursorPos
GetKeyboardType
BeginDeferWindowPos
GetFocus
GetMenuItemRect
InternetOpenUrlW
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
2.56

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.4.2.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
GThread

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
143360

EntryPoint
0x3ae0

OriginalFileName
libgthread-2.0-0.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1995-1997 Peter Mattis, Spencer Kimball and Josh MacDonald. Copyright 1998 Sebastian Wilhelmi. Modified by the GLib Team and others 1997-2000.

FileVersion
2.4.2.0

TimeStamp
2004:06:17 17:54:48-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
libgthread-2.0-0

ProductVersion
2.4.2

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
The GLib developer community

CodeSize
12288

ProductName
GLib

ProductVersionNumber
2.4.2.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Execution parents
File identification
MD5 85612856584098e467478a5683865caa
SHA1 e65b73796ca1e166e532c049f7436b0f41442b4c
SHA256 3c4df18e8fc2a72547419ed33d0fffa2a15b62e8cd122359f4390762080b6417
ssdeep
3072:3iCwEc3zAIo3JEh/mllCrH6N0okggsPRbptSp3E2nq:3iCwp3o3KsmHBQ5RVtSv

authentihash 056f89af4c2eaa99a15807e5639e94df4466973799520e76d2192c1189cfb44a
imphash 1ec3174af218c1fb04d41095be8ce08b
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-01-15 22:10:16 UTC ( 1 month, 1 week ago )
Last submission 2019-01-16 12:01:23 UTC ( 1 month ago )
File names libgthread-2.0-0.dll
hZf9Z.exe
czDAauMH4Zs.exe
450.exe
emotet_e1_3c4df18e8fc2a72547419ed33d0fffa2a15b62e8cd122359f4390762080b6417_2019-01-15__221001.exe_
libgthread-2.0-0
5O8uZAr8LI.exe
Advanced heuristic and reputation engines