× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 41ccfe8451e70ae90260aa63ed318cc8a749ddf556ceedb7dc9af1da34dd3c55
File name: 41ccfe8451e70ae90260aa63ed318cc8a749ddf556ceedb7dc9af1da34dd3c55
Detection ratio: 18 / 68
Analysis date: 2018-08-21 10:41:57 UTC ( 6 months ago ) View latest
Antivirus Result Update
AVG FileRepMalware 20180821
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180820
Bkav HW32.Packed. 20180820
CAT-QuickHeal Trojan.Emotet.X4 20180821
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.123273 20180225
Cylance Unsafe 20180821
Endgame malicious (high confidence) 20180730
Sophos ML heuristic 20180717
McAfee GenericRXGH-QN!DE899B812327 20180821
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20180821
Microsoft Trojan:Win32/Emotet.AC!bit 20180821
NANO-Antivirus Virus.Win32.Gen.ccmw 20180821
Palo Alto Networks (Known Signatures) generic.ml 20180821
Qihoo-360 HEUR/QVM19.1.54CF.Malware.Gen 20180821
Rising Trojan.Cloxer!8.F54F (TFE:dGZlOgJR/aAl+lrrFQ) 20180821
SentinelOne (Static ML) static engine - malicious 20180701
Symantec ML.Attribute.HighConfidence 20180821
Ad-Aware 20180821
AegisLab 20180821
AhnLab-V3 20180821
Alibaba 20180713
ALYac 20180821
Antiy-AVL 20180821
Arcabit 20180821
Avast 20180821
Avast-Mobile 20180820
Avira (no cloud) 20180821
AVware 20180821
Babable 20180725
BitDefender 20180821
ClamAV 20180821
CMC 20180821
Comodo 20180821
Cyren 20180821
DrWeb 20180821
eGambit 20180821
Emsisoft 20180821
ESET-NOD32 20180821
F-Prot 20180821
F-Secure 20180821
Fortinet 20180821
GData 20180821
Ikarus 20180821
Jiangmin 20180821
K7AntiVirus 20180821
K7GW 20180821
Kaspersky 20180821
Kingsoft 20180821
Malwarebytes 20180821
MAX 20180821
eScan 20180821
Panda 20180820
Sophos AV 20180821
SUPERAntiSpyware 20180821
Symantec Mobile Insight 20180814
TACHYON 20180821
Tencent 20180821
TheHacker 20180821
TotalDefense 20180821
TrendMicro 20180821
TrendMicro-HouseCall 20180821
Trustlook 20180821
VBA32 20180821
VIPRE 20180821
ViRobot 20180821
Webroot 20180821
Yandex 20180820
Zillya 20180820
ZoneAlarm by Check Point 20180821
Zoner 20180820
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All r

Product Microsoft
Original name PkgMgr.exe
Internal name PkgMgr.ex
File version 6.1
Description Windows P
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-06-14 09:18:59
Entry Point 0x0001D7EE
Number of sections 4
PE sections
PE imports
GetObjectType
LPtoDP
GetCommandLineA
GetSystemDefaultLCID
IsValidLocale
GetNamedPipeClientSessionId
GetConsoleWindow
InternalGetWindowText
SetScrollRange
GetScrollBarInfo
CountClipboardFormats
ChildWindowFromPoint
GetPhysicalCursorPos
GetWindow
IsWindowEnabled
GetLastInputInfo
Number of PE resources by type
RT_STRING 9
RT_DIALOG 4
RT_MENU 4
RT_BITMAP 3
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 15
HEBREW DEFAULT 7
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.6.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Windows P

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
24576

EntryPoint
0x1d7ee

OriginalFileName
PkgMgr.exe

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All r

FileVersion
6.1

TimeStamp
2011:06:14 10:18:59+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
PkgMgr.ex

ProductVersion
6.1

SubsystemVersion
5.1

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Micros

CodeSize
0

ProductName
Microsoft

ProductVersionNumber
1.6.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

Overlay parents
Compressed bundles
File identification
MD5 de899b812327353e852e8beec12c0dd2
SHA1 060da2ad582ab77fcac6bdc4344334d564e980e6
SHA256 41ccfe8451e70ae90260aa63ed318cc8a749ddf556ceedb7dc9af1da34dd3c55
ssdeep
3072:Qnt9pokq3u3675KOk7ZZi1nKQr49qScgziQuWxScnxhjf:SziNQN3SK59qHgVu8nX

authentihash 4fc299fe8e6c919f6b79cd0569f60028a0941a7a848fa6c22f11adda1993cd47
imphash e3f911c696a4e9f872767bcce1847061
File size 152.0 KB ( 155648 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-08-21 10:41:57 UTC ( 6 months ago )
Last submission 2018-08-21 14:46:07 UTC ( 6 months ago )
File names 4.exe
cWeI5cAMzighwef.bin
1314621.exe
6173200.exe
73388859.exe
isvcowin.exe
royaleicons.exe
88050.exe
2.exe
0715.exe
PkgMgr.ex
primeentry.exe
05781.exe
092013.exe
25.exe
39.exe
66.exe
003.exe
720.exe
20164.exe
537884.exe
PkgMgr.exe
7.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!