× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 40d71c1ad0228d8b046ae5fa17ad8f772fbc23e528d4209292b97c378859b220
File name: bWl15HY.exe
Detection ratio: 23 / 70
Analysis date: 2019-01-11 08:10:38 UTC ( 1 month ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Emotet.R251442 20190111
Comodo Packed.Win32.TDSS.~AA@1rhbt5 20190111
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cybereason malicious.b19226 20190109
eGambit Unsafe.AI_Score_99% 20190111
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOND 20190111
Fortinet W32/Kryptik.GOKZ!tr 20190111
Sophos ML heuristic 20181128
K7GW Riskware ( 0040eff71 ) 20190111
Kaspersky Trojan-Banker.Win32.Emotet.byuu 20190111
Malwarebytes Trojan.Emotet 20190111
McAfee Emotet-FLN!12448847528E 20190111
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190111
Microsoft Trojan:Win32/Emotet.AC!bit 20190111
Palo Alto Networks (Known Signatures) generic.ml 20190111
Qihoo-360 Win32/Trojan.5a7 20190111
Rising Trojan.Azden!8.F0E3 (TFE:dGZlOgOTL6G7k83BVA) 20190111
Sophos AV Mal/Generic-S 20190111
Symantec Packed.Generic.517 20190110
Trapmine malicious.moderate.ml.score 20190103
Webroot W32.Trojan.Emotet 20190111
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.byuu 20190111
Acronis 20190110
Ad-Aware 20190111
AegisLab 20190111
Alibaba 20180921
ALYac 20190111
Antiy-AVL 20190111
Arcabit 20190111
Avast 20190111
Avast-Mobile 20190111
AVG 20190111
Avira (no cloud) 20190111
AVware 20180925
Babable 20180918
Baidu 20190111
BitDefender 20190111
Bkav 20190108
CAT-QuickHeal 20190110
CMC 20190110
Cyren 20190111
DrWeb 20190111
Emsisoft 20190111
F-Prot 20190111
F-Secure 20190111
GData 20190111
Ikarus 20190110
Jiangmin 20190111
K7AntiVirus 20190111
Kingsoft 20190111
MAX 20190111
eScan 20190111
NANO-Antivirus 20190111
Panda 20190110
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190109
TACHYON 20190111
Tencent 20190111
TheHacker 20190106
TotalDefense 20190111
TrendMicro 20190111
TrendMicro-HouseCall 20190111
Trustlook 20190111
VBA32 20190110
VIPRE 20190111
ViRobot 20190111
Yandex 20190110
Zillya 20190110
Zoner 20190111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright c 2000

Product Ulead VerCheck
Original name VerCheck.exe
Internal name VerCheck
File version 4, 0, 0, 0
Description VerCheck
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-11 07:55:37
Entry Point 0x00002785
Number of sections 5
PE sections
PE imports
IsValidAcl
LookupPrivilegeDisplayNameA
GetWindowsAccountDomainSid
GetServiceKeyNameA
GetSidIdentifierAuthority
FindTextW
GetFileTitleW
GetLogColorSpaceA
LineTo
FrameRgn
GetTextFaceW
GetCharWidthW
GetTextCharset
GetBitmapBits
DefineDosDeviceW
FlushConsoleInputBuffer
GetConsoleOutputCP
GetConsoleFontSize
lstrlenA
GetConsoleCP
ExitProcess
GetCurrentProcess
GetConsoleMode
GetSystemDefaultLCID
FreeEnvironmentStringsW
VerifyScripts
FillConsoleOutputAttribute
GetCurrentThread
lstrcpynW
GetTimeFormatW
GetTempPathA
GetFileSizeEx
ExpandEnvironmentStringsW
GetSystemDefaultUILanguage
FreeConsole
GetFileInformationByHandle
GetCommConfig
GetModuleHandleW
LocalFree
GetEnvironmentVariableA
GetConsoleWindow
GetCurrentConsoleFont
GetLongPathNameA
GetErrorInfo
ExtractAssociatedIconA
ExtractIconW
FindExecutableA
ExtractAssociatedIconW
GetMenuStringA
LookupIconIdFromDirectory
LoadMenuA
GetUserObjectInformationA
DefWindowProcW
DefFrameProcA
CreateIconFromResource
LockWindowUpdate
GetMenuItemCount
DefMDIChildProcA
LoadKeyboardLayoutA
GetProcessWindowStation
GetClassLongA
GetKeyState
GetPrinterDriverW
GetPrinterW
strtod
mbtowc
fputws
strtoul
GetConvertStg
FaultInIEFeature
Number of PE resources by type
RT_BITMAP 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.1

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
VerCheck

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
155648

EntryPoint
0x2785

OriginalFileName
VerCheck.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright c 2000

FileVersion
4, 0, 0, 0

TimeStamp
2019:01:11 08:55:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
VerCheck

ProductVersion
1, 0, 0, 1

SubsystemVersion
4.0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ulead

CodeSize
20480

ProductName
Ulead VerCheck

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 12448847528e24073aad197cbaff38a8
SHA1 c48f688b19226d20677b64ea43f626baa317a27e
SHA256 40d71c1ad0228d8b046ae5fa17ad8f772fbc23e528d4209292b97c378859b220
ssdeep
1536:9BmNNlgMTJ7w/9UuVUa9Q8iXDI6vLbI/aHF9vdkvTFwTIedoDjgi52IWcuPuPPui:9BE2OJ4UuVf0DIc5QFwhsjN2ii3AZ

authentihash 31636151d58d77479ad04cc12969ae381d28fa4f92018efbff86890e22336a7d
imphash de05e646e5413bcd4515df096971e485
File size 168.0 KB ( 172032 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-01-10 23:56:42 UTC ( 1 month, 1 week ago )
Last submission 2019-01-10 23:56:42 UTC ( 1 month, 1 week ago )
File names bWl15HY.exe
VerCheck
VerCheck.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!