× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4475ce05d7402835906a2380e590105bec6393348a6ef725eea092e64bd44098
File name: 9qxEcfxG.exe
Detection ratio: 20 / 71
Analysis date: 2019-01-25 10:29:18 UTC ( 1 month, 3 weeks ago ) View latest
Antivirus Result Update
Acronis suspicious 20190124
Avast FileRepMalware 20190125
AVG FileRepMalware 20190125
Bkav HW32.Packed. 20190125
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cybereason malicious.5a5c55 20190109
Cylance Unsafe 20190125
eGambit Unsafe.AI_Score_97% 20190125
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190125
Microsoft Trojan:Win32/Fuerboos.A!cl 20190125
Qihoo-360 HEUR/QVM20.1.C7FA.Malware.Gen 20190125
Rising Trojan.Kryptik!8.8/N3#93% (RDM+:cmRtazqvA1mFUc86AIEypMb+trZE) 20190125
SentinelOne (Static ML) static engine - malicious 20190124
Sophos AV Mal/EncPk-ANR 20190125
Symantec ML.Attribute.HighConfidence 20190125
Trapmine malicious.high.ml.score 20190123
VBA32 SScope.Malware-Cryptor.Emotet 20190125
Webroot W32.Trojan.Emotet 20190125
Ad-Aware 20190125
AegisLab 20190125
AhnLab-V3 20190125
Alibaba 20180921
ALYac 20190125
Antiy-AVL 20190125
Arcabit 20190125
Avast-Mobile 20190125
Avira (no cloud) 20190125
Babable 20180918
Baidu 20190125
BitDefender 20190125
CAT-QuickHeal 20190125
ClamAV 20190125
CMC 20190125
Comodo 20190125
Cyren 20190125
DrWeb 20190125
Emsisoft 20190125
ESET-NOD32 20190125
F-Prot 20190125
F-Secure 20190125
Fortinet 20190125
GData 20190125
Ikarus 20190125
Jiangmin 20190125
K7AntiVirus 20190125
K7GW 20190125
Kaspersky 20190125
Kingsoft 20190125
Malwarebytes 20190125
MAX 20190125
McAfee 20190125
eScan 20190125
NANO-Antivirus 20190125
Palo Alto Networks (Known Signatures) 20190125
Panda 20190124
SUPERAntiSpyware 20190123
TACHYON 20190125
Tencent 20190125
TheHacker 20190125
TotalDefense 20190125
TrendMicro 20190125
TrendMicro-HouseCall 20190125
Trustlook 20190125
VIPRE 20190124
ViRobot 20190125
Yandex 20190124
Zillya 20190124
ZoneAlarm by Check Point 20190125
Zoner 20190124
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Philips Semiconductors 2002

Product 34ds
Original name 34ds.dll
Internal name 34ds
File version 2, 1, 0, 0
Description 34ds
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-25 18:20:51
Entry Point 0x00004160
Number of sections 9
PE sections
PE imports
RegQueryInfoKeyW
IsTokenRestricted
AVIStreamSampleToTime
RealizePalette
GetTickCount64
SetSystemFileCacheSize
GetSystemDefaultUILanguage
GetCommandLineW
GetThreadTimes
CreateMutexW
CreateTimerQueue
GlobalMemoryStatusEx
DuplicateHandle
Thread32First
GetCurrentThread
CloseWindow
TranslateMessage
SetThreadDesktop
GetWindow
GetMenuDefaultItem
IsChild
CopyImage
waveInGetID
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.1.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
34ds

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
139264

EntryPoint
0x4160

OriginalFileName
34ds.dll

MIMEType
application/octet-stream

LegalCopyright
Philips Semiconductors 2002

FileVersion
2, 1, 0, 0

TimeStamp
2019:01:25 19:20:51+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
34ds

ProductVersion
2, 1, 0, 0

SubsystemVersion
6.1

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Philips Semiconductors

CodeSize
16384

ProductName
34ds

ProductVersionNumber
2.1.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 0f648ae1afd128f8362dd42b5da54ecd
SHA1 2c96d845a5c55f02f78ca20a62b4d7a3e1f8c0aa
SHA256 4475ce05d7402835906a2380e590105bec6393348a6ef725eea092e64bd44098
ssdeep
3072:mfFsanj0bBglCJ85n6Xdi/LF7mFtDAHwhEqrs:+Fsanj0b3iR8fAQfr

authentihash 6cc286c191a2c737b0ea5856ae58ab5866966f68ed268f328a330cb7f95c21e1
imphash 2a3ac7a0186f71d1a35d22b6ab76d346
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-01-25 10:29:11 UTC ( 1 month, 3 weeks ago )
Last submission 2019-01-26 23:32:42 UTC ( 1 month, 2 weeks ago )
File names wcCwvEGizOnxC.exe
34ds.dll
9qxEcfxG.exe
FYy7mj_1M2x.exe
D4GUZ03.exe
QwjhVu.exe
3946qtTD_3xGJ.exe
8r0cYKo79.exe
21359064.exe
Nls_oHO.exe
34ds
XwWnEFcByJV8G_p9hcXFXZA.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!