SHA256: 4569fac1f1aeed197f82cd8f46b32b65d9d5d24812b60f0f935c61d897d8ab59
File name: 1609.exe
Detection ratio: 21 / 65
Analysis date: 2018-05-30 11:13:30 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Avast FileRepMalware 20180530
AVG FileRepMalware 20180530
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180530
Comodo TrojWare.Win32.Dovs.MO 20180530
Cylance Unsafe 20180530
DrWeb Trojan.EmotetENT.222 20180530
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Kryptik.GHER 20180530
Fortinet W32/Kryptik.GCDM!tr 20180530
Sophos ML heuristic 20180503
K7GW Hacktool ( 700007861 ) 20180530
Kaspersky UDS:DangerousObject.Multi.Generic 20180530
Malwarebytes Trojan.Emotet 20180530
Microsoft Trojan:Win32/Cloxer.D!cl 20180530
Palo Alto Networks (Known Signatures) generic.ml 20180530
Qihoo-360 HEUR/QVM20.1.81CD.Malware.Gen 20180530
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANX 20180530
Symantec Packed.Generic.517 20180530
Webroot W32.Trojan.Gen 20180530
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180530
Ad-Aware 20180530
AegisLab 20180530
AhnLab-V3 20180530
Alibaba 20180530
ALYac 20180530
Antiy-AVL 20180530
Arcabit 20180530
Avast-Mobile 20180530
Avira (no cloud) 20180530
AVware 20180530
Babable 20180406
BitDefender 20180530
Bkav 20180530
CAT-QuickHeal 20180530
ClamAV 20180530
CMC 20180529
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180530
eGambit 20180530
Emsisoft 20180530
F-Prot 20180530
F-Secure 20180530
GData 20180530
Ikarus 20180529
Jiangmin 20180530
K7AntiVirus 20180530
Kingsoft 20180530
MAX 20180530
McAfee 20180530
McAfee-GW-Edition 20180530
eScan 20180530
NANO-Antivirus 20180530
nProtect 20180530
Panda 20180529
Rising 20180530
SUPERAntiSpyware 20180530
Symantec Mobile Insight 20180525
Tencent 20180530
TheHacker 20180524
TrendMicro 20180530
TrendMicro-HouseCall 20180530
Trustlook 20180530
VBA32 20180529
VIPRE 20180530
ViRobot 20180530
Yandex 20180529
Zillya 20180530
Zoner 20180530
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Visual Studio® 2015
Original name MFC140DEU.DLL
Internal name MFC140DEU.DLL
File version 14.0.23026.0 built by: WCSETUP
Description MFC Language Specific Resources
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2028-12-25 04:27:37
Entry Point 0x0002876D
Number of sections 5
PE sections
PE imports
CM_Get_Class_Name_ExW
CM_Free_Resource_Conflict_Handle
CertOpenStore
GetObjectType
GetCurrentProcess
ReleaseMutex
OpenEventW
GetConsoleCP
ScrollConsoleScreenBufferA
ClearCommBreak
CopyFileA
FlsGetValue
FreeConsole
FindFirstFileNameTransactedW
FlsFree
SetDynamicTimeZoneInformation
NetShareDel
VarCyFix
VarUdateFromDate
I_RpcServerUseProtseqEp2W
RpcStringFreeA
SetupDiInstallClassW
PathCompactPathExW
GetGUIThreadInfo
GetUpdatedClipboardFormats
ChangeMenuA
GetMenuBarInfo
SetScrollInfo
midiStreamPosition
midiInReset
Ord(30)
vprintf
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
GERMAN 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.165

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
14.0.23026.0

LanguageCode
German

FileFlagsMask
0x003f

FileDescription
MFC Language Specific Resources

ImageFileCharacteristics
No relocs, Executable, 32-bit, System file

CharacterSet
Unicode

InitializedDataSize
28672

EntryPoint
0x2876d

OriginalFileName
MFC140DEU.DLL

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
14.0.23026.0 built by: WCSETUP

TimeStamp
2028:12:25 05:27:37+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MFC140DEU.DLL

ProductVersion
14.0.23026.0

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
0

ProductName
Microsoft Visual Studio 2015

ProductVersionNumber
14.0.23026.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Compressed bundles
File identification
MD5 063ae040c1d5f66f9677ff962e98cf63
SHA1 d59d0fb01ffe625e5f18735429d42e001da91816
SHA256 4569fac1f1aeed197f82cd8f46b32b65d9d5d24812b60f0f935c61d897d8ab59
ssdeep 3072:nGY6olZSHmYLCzq0o6eXf3w/9Y9FpflF:nGYVGGG6T9Y9
authentihash 4df82b326a476f805253071ab0b3ab2df5a98ced6a3403a911f7238ece284c6a
imphash a0a760f274ad94cadcc65101adf31074
File size 192.0 KB ( 196608 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-05-30 10:38:32 UTC ( 8 months, 3 weeks ago )
Last submission 2018-06-21 02:02:22 UTC ( 8 months ago )
File names YMFYVK.EXE
78108.exe
MFC140DEU.DLL
1609.exe