SHA256: 43ef00b152c732b21f2a9014c1eaf79dbfe371ef02b131b757b8e8f3539f1b33
File name: SKijwU4u.exe
Detection ratio: 34 / 66
Analysis date: 2018-11-10 18:24:32 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40741802 20181110
AegisLab Trojan.Win32.Generic.4!c 20181110
ALYac Trojan.GenericKD.40741802 20181110
Arcabit Trojan.Generic.D26DABAA 20181110
Avast Win32:BankerX-gen [Trj] 20181110
AVG Win32:BankerX-gen [Trj] 20181110
BitDefender Trojan.GenericKD.40741802 20181110
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.411f23 20180225
Cylance Unsafe 20181110
Cyren W32/Trojan.CYWI-8812 20181110
Emsisoft Trojan.GenericKD.40741802 (B) 20181110
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/GenKryptik.CQNZ 20181110
F-Secure Trojan.GenericKD.40741802 20181110
Fortinet Malicious_Behavior.SB 20181110
GData Trojan.GenericKD.40741802 20181110
Sophos ML heuristic 20181108
Kaspersky HEUR:Trojan.Win32.Generic 20181110
Malwarebytes Trojan.Emotet 20181110
MAX malware (ai score=100) 20181110
McAfee RDN/Generic.grp 20181110
McAfee-GW-Edition BehavesLike.Win32.Emotet.ft 20181110
Microsoft Trojan:Win32/Emotet.AC!bit 20181110
eScan Trojan.GenericKD.40741802 20181110
Palo Alto Networks (Known Signatures) generic.ml 20181110
Qihoo-360 HEUR/QVM20.1.18D9.Malware.Gen 20181110
Rising Trojan.Fuery!8.EAFB (CLOUD) 20181110
Sophos AV Mal/Generic-S 20181110
Symantec Trojan.Gen.2 20181110
TrendMicro TROJ_FRS.VSN09K18 20181110
TrendMicro-HouseCall TROJ_FRS.VSN09K18 20181110
Webroot W32.Trojan.Emotet 20181110
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181110
AhnLab-V3 20181110
Alibaba 20180921
Antiy-AVL 20181110
Avast-Mobile 20181110
Avira (no cloud) 20181110
Babable 20180918
Baidu 20181109
Bkav 20181110
CAT-QuickHeal 20181108
ClamAV 20181110
CMC 20181110
DrWeb 20181110
F-Prot 20181110
Ikarus 20181110
Jiangmin 20181110
K7AntiVirus 20181110
K7GW 20181109
Kingsoft 20181110
NANO-Antivirus 20181110
Panda 20181110
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181108
TACHYON 20181110
Tencent 20181110
TheHacker 20181108
TotalDefense 20181110
Trustlook 20181110
VBA32 20181109
ViRobot 20181110
Yandex 20181109
Zillya 20181109
Zoner 20181110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name wcp.dll
Internal name WCPDll
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description Windows Componentization Platform Servicing API
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-09 13:15:25
Entry Point 0x00001F0A
Number of sections 6
PE sections
PE imports
RegSetKeySecurity
SetTextJustification
GetStockObject
EndPath
lstrcpynW
GetTimeFormatW
GetModuleHandleA
GetLongPathNameA
GetTimeZoneInformation
IsDialogMessageA
FindFirstUrlCacheGroup
GetColorProfileHeader
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
4294963199

LinkerVersion
12.0

ImageVersion
0.1

FileSubtype
0

FileVersionNumber
6.1.7600.16385

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Windows Componentization Platform Servicing API

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
366080

EntryPoint
0x1f0a

OriginalFileName
wcp.dll

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
6.1.7600.16385 (win7_rtm.090713-1255)

TimeStamp
2018:11:09 14:15:25+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
WCPDll

ProductVersion
6.1.7600.16385

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
8704

ProductName
Microsoft Windows Operating System

ProductVersionNumber
6.1.7600.16385

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 f6b2afd411f23d1b11ac59458129479d
SHA1 9fca024b96459a845c8737ba6ab185e75f47c503
SHA256 43ef00b152c732b21f2a9014c1eaf79dbfe371ef02b131b757b8e8f3539f1b33
ssdeep
3072:+xWmUnQeSAC+1M+VlIScE8EmM2eO+fXnzjlO4OQkmEDsNQW:0WbNSG1dMr5ZeO+Qe

authentihash 21d2a7bae78cbe88edc7019e0491456723972b3f5f4d5b01e49b2be1cf9c2439
imphash 669f4d596530f658c51bb3938516bd6e
File size 358.5 KB ( 367104 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-09 13:18:07 UTC ( 3 months, 1 week ago )
Last submission 2018-11-16 02:20:47 UTC ( 3 months ago )
File names f6b2afd411f23d1b11ac59458129479d
SKijwU4u.exe
wcp.dll
WCPDll
5IFycrWMFMvF9NUmG8.exe