× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3fb5acf416299e74e10af8e33c7d1df2d0d7882ed02a0d4d816dd2764c0d131d
File name: 63CC5788.EXE
Detection ratio: 20 / 67
Analysis date: 2018-11-20 07:12:48 UTC ( 3 months ago ) View latest
Antivirus Result Update
AegisLab Trojan.Win32.Generic.4!c 20181120
Avast FileRepMalware 20181120
AVG FileRepMalware 20181120
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181120
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/GenKryptik.CRPR 20181120
Fortinet W32/GenKryptik.CRII!tr 20181120
Kaspersky UDS:DangerousObject.Multi.Generic 20181120
McAfee Artemis!F9355261B03B 20181120
McAfee-GW-Edition BehavesLike.Win32.Fujacks.tz 20181120
Microsoft Trojan:Win32/Emotet.AC!bit 20181120
NANO-Antivirus Virus.Win32.Gen.ccmw 20181120
Palo Alto Networks (Known Signatures) generic.ml 20181120
Qihoo-360 HEUR/QVM19.1.5366.Malware.Gen 20181120
Rising Trojan.Kryptik!8.8 (TFE:3:7iVyW575MfF) 20181120
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181120
Webroot W32.Trojan.Emotet 20181120
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181120
Ad-Aware 20181120
AhnLab-V3 20181120
Alibaba 20180921
ALYac 20181120
Antiy-AVL 20181120
Arcabit 20181120
Avast-Mobile 20181119
Avira (no cloud) 20181120
Babable 20180918
Baidu 20181120
BitDefender 20181120
Bkav 20181119
CAT-QuickHeal 20181120
ClamAV 20181119
CMC 20181119
Cybereason 20180225
Cyren 20181120
DrWeb 20181120
eGambit 20181120
Emsisoft 20181120
F-Prot 20181120
F-Secure 20181120
GData 20181120
Ikarus 20181119
Sophos ML 20181108
Jiangmin 20181120
K7AntiVirus 20181120
K7GW 20181120
Kingsoft 20181120
Malwarebytes 20181120
MAX 20181120
eScan 20181120
Panda 20181119
Sophos AV 20181120
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181120
Tencent 20181120
TheHacker 20181118
TotalDefense 20181118
TrendMicro 20181120
TrendMicro-HouseCall 20181120
Trustlook 20181120
VBA32 20181119
ViRobot 20181120
Yandex 20181119
Zillya 20181119
Zoner 20181120
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) Musicmatch 1998-2003

Product Musicmatch® Jukebox
Original name mmgit.dll
Internal name mmgit.dll
File version 6.1.7600
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-20 05:20:34
Entry Point 0x000BE443
Number of sections 5
PE sections
PE imports
EnumServicesStatusA
GetTextCharsetInfo
MoveToEx
GetWindowExtEx
DeleteObject
GetShortPathNameW
GetModuleHandleA
GetCurrentDirectoryA
SetConsoleCursorInfo
GetUserDefaultLCID
VirtualAlloc
GetDlgCtrlID
CreateCaret
UserHandleGrantAccess
RegisterRawInputDevices
GetComboBoxInfo
IsChild
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.3.0.44

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
294912

EntryPoint
0xbe443

OriginalFileName
mmgit.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) Musicmatch 1998-2003

FileVersion
6.1.7600

TimeStamp
2018:11:20 06:20:34+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
mmgit.dll

ProductVersion
1.03.0044

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Musicmatch , Inc.

CodeSize
782336

ProductName
Musicmatch Jukebox

ProductVersionNumber
1.3.0.44

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 f9355261b03b6c3dbfbf217f85126125
SHA1 1afdf296c184b43831d19eb54b31ee2215918cdf
SHA256 3fb5acf416299e74e10af8e33c7d1df2d0d7882ed02a0d4d816dd2764c0d131d
ssdeep
3072:ZznPLpsovDULp4EOk5Nmq37VvxCYDufDBmoL+yMH0isIqMEP8JGwKWJw0:Zzn9wkk5ZVG+yMU7NEJe

authentihash 3d53c72295a7ca2a95e8cc10534ca525eaae5e857ee75f89b321877d52c86c45
imphash 5fbfde064e3ba7a3d3c6f04b5b5e8894
File size 1.0 MB ( 1073152 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-20 05:23:40 UTC ( 3 months ago )
Last submission 2018-11-20 08:02:49 UTC ( 3 months ago )
File names 187771.exe
329B4579.EXE
MyxPnJppdg5Y.exe
mmgit.dll
63CC5788.EXE
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.