SHA256: 40166192f3424b5f81b4f230fe1053527f6989a315d01c4f125712e20fd3551a
File name: 40166192f3424b5f81b4f230fe1053527f6989a315d01c4f125712e20fd3551a
Detection ratio: 46 / 70
Analysis date: 2018-12-19 17:53:27 UTC ( 2 months ago )
Antivirus Result Update
Acronis malware 20180726
Ad-Aware Trojan.GenericKD.31422735 20181219
AhnLab-V3 Trojan/Win32.Emotet.R249146 20181219
ALYac Trojan.GenericKD.31422735 20181219
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181219
Arcabit Trojan.Generic.D1DF790F 20181219
Avast Win32:Evo-gen [Susp] 20181219
AVG FileRepMalware 20181219
BitDefender Trojan.GenericKD.31422735 20181219
CAT-QuickHeal Trojan.Emotet.X4 20181219
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181219
Cyren W32/Trojan.KHKJ-5738 20181219
Emsisoft Trojan.Emotet (A) 20181219
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNWN 20181219
F-Secure Trojan.GenericKD.31422735 20181219
Fortinet W32/GenKryptik.CUHC!tr 20181219
GData Win32.Trojan-Spy.Emotet.1YSOPR 20181219
Ikarus Trojan-Banker.Emotet 20181219
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 00543d9d1 ) 20181219
K7GW Trojan ( 00543d9d1 ) 20181219
Kaspersky Trojan-Banker.Win32.Emotet.bvmz 20181219
Malwarebytes Trojan.Emotet 20181219
MAX malware (ai score=100) 20181219
McAfee Emotet-FLD!C29687FB18A4 20181219
McAfee-GW-Edition BehavesLike.Win32.Generic.ch 20181219
Microsoft Trojan:Win32/Occamy.C 20181219
eScan Trojan.GenericKD.31422735 20181219
Palo Alto Networks (Known Signatures) generic.ml 20181219
Panda Trj/GdSda.A 20181219
Qihoo-360 Win32/Trojan.c84 20181219
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20181219
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181219
Symantec Trojan.Gen.2 20181219
TACHYON Banker/W32.Emotet.155648.BD 20181219
Tencent Win32.Trojan-banker.Emotet.Sxny 20181219
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.USLH18 20181219
TrendMicro-HouseCall TROJ_GEN.USLH18 20181219
VBA32 BScope.TrojanBanker.Emotet 20181219
ViRobot Trojan.Win32.Z.Fuerboos.155648.F 20181219
Webroot W32.Trojan.Emotet 20181219
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bvmz 20181219
AegisLab 20181219
Alibaba 20180921
Avast-Mobile 20181219
Avira (no cloud) 20181219
Babable 20180918
Baidu 20181207
Bkav 20181219
ClamAV 20181219
CMC 20181218
Comodo 20181219
Cybereason 20180225
DrWeb 20181219
eGambit 20181219
F-Prot 20181219
Jiangmin 20181219
Kingsoft 20181219
NANO-Antivirus 20181219
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TheHacker 20181216
TotalDefense 20181219
Trustlook 20181219
Yandex 20181219
Zillya 20181219
Zoner 20181219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1996-2001 Microsoft Corporation.

Product Twain Thunker
Internal name msencode
File version 2001072500
Description Twain.dll Client's 32-Bit
Comments
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x0000774E
Number of sections 6
PE sections
PE imports
CertDuplicateCTLContext
GetColorAdjustment
EndPath
GetModuleHandleW
SetCurrentConsoleFontEx
NetLocalGroupGetInfo
BeginPaint
PackDDElParam
Ord(30)
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
LegalTrademarks
Microsoft is a registered trademark of Microsoft Corporation.

SubsystemVersion
5.0

InitializedDataSize
62976

ImageVersion
0.0

ProductName
Twain Thunker

FileVersionNumber
2001.7.25.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
7.1

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2001072500

TimeStamp
2004:08:04 08:56:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
msencode

ProductVersion
10.0

FileDescription
Twain.dll Client's 32-Bit

OSVersion
5.0

FileOS
Windows 16-bit

LegalCopyright
Copyright 1996-2001 Microsoft Corporation.

MachineType
Intel 386 or later, and compatibles

CompanyName
Twain Working Group

CodeSize
36864

FileSubtype
0

ProductVersionNumber
10.0.0.0

EntryPoint
0x774e

ObjectFileType
Dynamic link library

File identification
MD5 c29687fb18a434af9bb87bcbe405e328
SHA1 b0d1102ada8c38cc3ff86c6201e95c171366086a
SHA256 40166192f3424b5f81b4f230fe1053527f6989a315d01c4f125712e20fd3551a
ssdeep
1536:VJYxRiNxzdM1eFuLL2Vbk/VCW6kkj1Ko6J1OcLHBEr9eZ/OtIj9iwllNvowQOPf:8cPUTLKVbk/VCW6kkjg1fHBm8pTbv

authentihash 859138562a0bcabdd44d1d124df7119ca375285a7232ed35a61bbd8ee9b02579
imphash be428acbc14620fe780f88281831675b
File size 152.0 KB ( 155648 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-17 13:58:38 UTC ( 2 months ago )
Last submission 2018-12-19 17:53:27 UTC ( 2 months ago )
File names msencode
16.exe
336503.exe