× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 45046e646662a30dcf884a8806218717ac52c7589dcc9a98de82c6085180f096
File name: 45046e646662a30dcf884a8806218717ac52c7589dcc9a98de82c6085180f096
Detection ratio: 25 / 70
Analysis date: 2018-12-20 00:03:58 UTC ( 2 months ago )
Antivirus Result Update
Acronis malware 20180726
Avast FileRepMalware 20181219
AVG FileRepMalware 20181219
Bkav HW32.Packed. 20181219
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.e95f82 20180225
Cylance Unsafe 20181220
eGambit Unsafe.AI_Score_99% 20181220
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNZI 20181219
Ikarus P2P-Worm.Win32.Palevo 20181219
Sophos ML heuristic 20181128
Kaspersky UDS:DangerousObject.Multi.Generic 20181219
McAfee GenericRXGR-QC!09F3877E95F8 20181219
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181219
Microsoft Trojan:Win32/Emotet.AC!bit 20181219
Palo Alto Networks (Known Signatures) generic.ml 20181220
Qihoo-360 HEUR/QVM20.1.FAA9.Malware.Gen 20181220
Rising Malware.Heuristic!ET#98% (RDM+:cmRtazob6fXL4m2FtyZGgFEpzHtX) 20181219
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/FakeAV-OP 20181219
Symantec ML.Attribute.HighConfidence 20181219
Trapmine malicious.high.ml.score 20181205
Webroot W32.Trojan.Emotet 20181220
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181219
Ad-Aware 20181219
AegisLab 20181219
AhnLab-V3 20181219
Alibaba 20180921
ALYac 20181219
Antiy-AVL 20181219
Arcabit 20181219
Avast-Mobile 20181219
Avira (no cloud) 20181219
Babable 20180918
Baidu 20181207
BitDefender 20181219
CAT-QuickHeal 20181219
ClamAV 20181219
CMC 20181219
Comodo 20181219
Cyren 20181219
DrWeb 20181219
Emsisoft 20181219
F-Prot 20181219
F-Secure 20181219
Fortinet 20181219
GData 20181219
Jiangmin 20181219
K7AntiVirus 20181219
K7GW 20181219
Kingsoft 20181220
Malwarebytes 20181219
MAX 20181220
eScan 20181219
NANO-Antivirus 20181219
Panda 20181219
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181219
Tencent 20181220
TheHacker 20181216
TotalDefense 20181219
TrendMicro 20181219
TrendMicro-HouseCall 20181220
Trustlook 20181220
VBA32 20181219
ViRobot 20181219
Yandex 20181219
Zillya 20181219
Zoner 20181219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microso

Product Internet Expl
Original name msfeedssy
Internal name msfeedssyn
Description Microsoft Feeds Synchroniz
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x000029A0
Number of sections 9
PE sections
PE imports
RemoveUsersFromEncryptedFile
GetSecurityDescriptorRMControl
OffsetClipRgn
GetEnvironmentStrings
GetNamedPipeServerProcessId
GetThreadLocale
GetThreadTimes
GlobalMemoryStatusEx
GetBinaryTypeA
GetCurrentThread
Ord(29)
DlgDirListW
GetLastInputInfo
SendMessageA
CopyIcon
GetMenuContextHelpId
GetKeyState
g_rgSCardT1Pci
memmove
OleFlushClipboard
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
JAPANESE DEFAULT 2
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2002:07:18 03:23:20+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
135168

LinkerVersion
2.0

ImageFileCharacteristics
Executable, 32-bit

FileTypeExtension
exe

InitializedDataSize
0

SubsystemVersion
6.0

EntryPoint
0x29a0

OSVersion
6.0

ImageVersion
5.1

UninitializedDataSize
0

File identification
MD5 09f3877e95f8267cf2a2fb92ec92968d
SHA1 597df4aef7c146863f064ff4f69bc0d031356bd4
SHA256 45046e646662a30dcf884a8806218717ac52c7589dcc9a98de82c6085180f096
ssdeep
3072:qdqKZBnerbuvUPUx+8HkB1PTlhg+W8Pj+B5Ete:VKZ1erS5xLEB1hhg+W8Pj+B50

authentihash 4ccb49ae8d7df9265e5d9c45cf81c5a78fbe0517d521f18b07cfd43fc7ef0b47
imphash 76bd583bef32438a9e5d6c9810cd98af
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-19 20:27:45 UTC ( 2 months ago )
Last submission 2018-12-19 20:27:45 UTC ( 2 months ago )
File names msfeedssyn
msfeedssy
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!