SHA256: 3c98985683fb779e67c32e24918c1872374ffabda8a367e8154b3908a3103bb2
File name: qMo94VmMgM8ufTQ8B.exe
Detection ratio: 23 / 65
Analysis date: 2018-11-12 07:05:38 UTC ( 3 months, 1 week ago )
Antivirus Result Update
AegisLab Trojan.Win32.Generic.ljju 20181112
Avast FileRepMalware 20181112
AVG FileRepMalware 20181112
Bkav HW32.Packed. 20181110
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.b20462 20180225
Cylance Unsafe 20181112
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/GenKryptik.CQSW 20181112
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053b6a31 ) 20181112
K7GW Trojan ( 0053b6a31 ) 20181109
Kaspersky UDS:DangerousObject.Multi.Generic 20181112
McAfee GenericRXGO-VQ!7299F1B153AF 20181112
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181112
Microsoft Trojan:Win32/Emotet.AC!bit 20181112
Palo Alto Networks (Known Signatures) generic.ml 20181112
Qihoo-360 HEUR/QVM20.1.2648.Malware.Gen 20181112
Sophos AV Mal/Generic-S 20181112
Symantec ML.Attribute.HighConfidence 20181111
VBA32 Malware-Cryptor.Limpopo 20181109
Webroot W32.Trojan.Emotet 20181112
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181112
Ad-Aware 20181112
AhnLab-V3 20181111
Alibaba 20180921
ALYac 20181112
Antiy-AVL 20181112
Arcabit 20181112
Avast-Mobile 20181111
Avira (no cloud) 20181111
Babable 20180918
Baidu 20181112
BitDefender 20181112
CAT-QuickHeal 20181111
ClamAV 20181112
CMC 20181112
Cyren 20181112
DrWeb 20181112
Emsisoft 20181112
F-Prot 20181112
F-Secure 20181112
Fortinet 20181112
GData 20181112
Ikarus 20181111
Jiangmin 20181112
Kingsoft 20181112
Malwarebytes 20181112
MAX 20181112
eScan 20181112
NANO-Antivirus 20181112
Panda 20181111
Rising 20181112
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181108
TACHYON 20181112
Tencent 20181112
TheHacker 20181108
TrendMicro 20181112
TrendMicro-HouseCall 20181112
Trustlook 20181112
ViRobot 20181112
Yandex 20181109
Zillya 20181109
Zoner 20181112
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft

Product Sola Plug-in
Original name msiltcfg.dl
Internal name Aban Plug-in
File version 1, 4, 2, 50
Description Window I Stub
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1995-06-10 08:02:18
Entry Point 0x000015DB
Number of sections 6
PE sections
PE imports
CloseServiceHandle
QueryUsersOnEncryptedFile
ImageList_Draw
CertAddStoreToCollection
SetBitmapBits
SwapBuffers
CloseEnhMetaFile
SetViewportOrgEx
GetSystemTime
SetupComm
UnlockFile
GetThreadPriority
ReleaseMutex
GetNumberOfConsoleMouseButtons
GlobalAlloc
AllocConsole
GlobalMemoryStatusEx
GetCommMask
GetCommandLineA
FindFirstFileNameTransactedW
VARIANT_UserMarshal
VarI2FromDate
NdrConformantArrayBufferSize
StrToIntW
IsClipboardFormatAvailable
DestroyAcceleratorTable
SetMenuItemBitmaps
IsDlgButtonChecked
DrawIcon
IsZoomed
GetWindowDC
GetMenuCheckMarkDimensions
SetProcessWindowStation
wsprintfW
CheckDlgButton
CryptCATAdminEnumCatalogFromHash
Number of PE resources by type
RT_DIALOG 20
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
143360

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Window I Stub

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
12.0

EntryPoint
0x15db

OriginalFileName
msiltcfg.dl

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Microsoft

FileExtents
|||||

FileOpenName
Aban Applet|JavaBeans|Sola Applet|SolaBeans|Sola Applet|SolaBeans

FileVersion
1, 4, 2, 50

TimeStamp
1995:06:10 10:02:18+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Aban Plug-in

ProductVersion
1, 4, 2, 50

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AbanSoft / Sun Microsystems, Inc.

CodeSize
12288

ProductName
Sola Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 7299f1b153afc7daf6ba08acbb892b26
SHA1 955648bb20462410f773285261941ef93c4f3d86
SHA256 3c98985683fb779e67c32e24918c1872374ffabda8a367e8154b3908a3103bb2
ssdeep
1536:85+4QqVm/7IumzcZAC9FBhRsqingfy+wnda0nfQOM2i5e7NAnKtc2LJ7LxzNW:a+4HV6oqFPCqJqLNvi5eJAnEcyndNW

authentihash c10bcd1c014ca4e1f2cb27a55edfcc1e11abf154314003345c2f32d5967d875c
imphash 36d69485b73b13802e545b8ce66e91e8
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-12 04:38:42 UTC ( 3 months, 1 week ago )
Last submission 2018-11-12 04:38:42 UTC ( 3 months, 1 week ago )
File names 65826750.exe
msiltcfg.dl
qMo94VmMgM8ufTQ8B.exe
54585680.exe
Aban Plug-in
54847824.exe