× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4cbeed252e3a2407551e5ce119a546498f98dfd633b3c0156b120274df86d0c9
File name: d214f50d67235235794193fc7ad6c6ed
Detection ratio: 47 / 68
Analysis date: 2018-11-16 08:26:44 UTC ( 3 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40435981 20181116
AhnLab-V3 Trojan/Win32.Emotet.R212958 20181115
ALYac Trojan.Agent.Emotet 20181116
Arcabit Trojan.Generic.D269010D 20181116
Avast Win32:BankerX-gen [Trj] 20181116
AVG Win32:BankerX-gen [Trj] 20181116
Avira (no cloud) TR/Crypt.ZPACK.Gen8 20181116
BitDefender Trojan.GenericKD.40435981 20181116
CAT-QuickHeal Trojan.Emotet.X4 20181115
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.d67235 20180225
Cylance Unsafe 20181116
Cyren W32/Emotet.FL.gen!Eldorado 20181116
Emsisoft Trojan.Emotet (A) 20181116
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Injector.EACK 20181116
F-Prot W32/Emotet.FL.gen!Eldorado 20181116
F-Secure Trojan.GenericKD.40435981 20181116
Fortinet W32/Injector.EACK!tr 20181116
GData Trojan.GenericKD.40435981 20181116
Ikarus Trojan.Win32.Injector 20181115
Sophos ML heuristic 20181108
Jiangmin Trojan.Banker.Emotet.cme 20181116
K7AntiVirus Trojan ( 0053b6a31 ) 20181116
K7GW Trojan ( 0053b6a31 ) 20181116
Kaspersky Trojan-Banker.Win32.Emotet.bbyt 20181116
Malwarebytes Trojan.Emotet 20181116
McAfee RDN/Generic.grp 20181116
McAfee-GW-Edition BehavesLike.Win32.Dropper.bt 20181116
Microsoft Trojan:Win32/Emotet.AC!bit 20181116
eScan Trojan.GenericKD.40435981 20181116
NANO-Antivirus Trojan.Win32.Emotet.fhzrhe 20181116
Palo Alto Networks (Known Signatures) generic.ml 20181116
Panda Trj/Genetic.gen 20181115
Qihoo-360 Win32/Trojan.a49 20181116
Rising Trojan.Emotet!8.B95 (TFE:2:UEXKJPQcL3P) 20181116
Sophos AV Mal/EncPk-ANY 20181116
SUPERAntiSpyware Trojan.Agent/Gen-Crypt 20181114
Symantec Trojan.Emotet 20181116
TACHYON Trojan/W32.Agent.786432.RI 20181116
Tencent Win32.Trojan-banker.Emotet.Wnls 20181116
TrendMicro TROJ_GEN.USHT18 20181116
TrendMicro-HouseCall TROJ_GEN.USHT18 20181116
ViRobot Trojan.Win32.Z.Emotet.786432.A 20181116
Webroot W32.Trojan.Gen 20181116
Zillya Trojan.Emotet.Win32.3369 20181115
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bbyt 20181116
AegisLab 20181116
Alibaba 20180921
Antiy-AVL 20181116
Avast-Mobile 20181115
Babable 20180918
Baidu 20181116
Bkav 20181115
ClamAV 20181116
CMC 20181116
Comodo 20181116
DrWeb 20181116
eGambit 20181116
Kingsoft 20181116
MAX 20181116
SentinelOne (Static ML) 20181011
Symantec Mobile Insight 20181108
TheHacker 20181113
TotalDefense 20181116
Trustlook 20181116
VBA32 20181115
Yandex 20181115
Zoner 20181116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights res

Product Microsoft® Windows® Operat
Original name apisetst
Internal name apisetst
File version 6.1.7601.23677 (win7sp1_ldr.170209-
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-08-29 22:31:14
Entry Point 0x00001C4B
Number of sections 6
PE sections
PE imports
CryptDeriveKey
RegDisablePredefinedCache
EqualPrefixSid
DeleteAce
AVIStreamStart
CertCreateContext
GetTextCharsetInfo
DeleteColorSpace
GetTextCharset
GetDCPenColor
GetFileTime
GetLogicalProcessorInformation
GetFileSizeEx
GetModuleHandleA
LockResource
GetFileInformationByHandle
GetEnvironmentStringsW
GlobalFindAtomW
NetUserModalsSet
ExtractIconW
PathAddBackslashA
FreeContextBuffer
GetCursorPos
EndDialog
GetDlgItem
GetComboBoxInfo
LookupIconIdFromDirectoryEx
GetTabbedTextExtentW
strtoul
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.1.7600.16385

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
0

EntryPoint
0x1c4b

OriginalFileName
apisetst

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights res

FileVersion
6.1.7601.23677 (win7sp1_ldr.170209-

TimeStamp
2018:08:30 00:31:14+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
apisetst

ProductVersion
6.1.7601.236

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporati

CodeSize
12288

ProductName
Microsoft Windows Operat

ProductVersionNumber
6.1.7600.16385

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 d214f50d67235235794193fc7ad6c6ed
SHA1 ad6ff6320e689b51e55a53a9edd3da60012988f3
SHA256 4cbeed252e3a2407551e5ce119a546498f98dfd633b3c0156b120274df86d0c9
ssdeep
6144:KM/+NrihvYmeeQGirG2M/LYpGkDsXQ29o8XKgD4ijb9UH9dmT:KMe+eeXEM/LYpGkDsA38KqW9c

authentihash 72492a2ce694ed9bd5f4af91f189570ead2771860d0f345a09eac6a095f52cce
imphash 856a8f8e0c5fb1161c1cf2d51fc8431e
File size 768.0 KB ( 786432 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-08-29 22:40:32 UTC ( 5 months, 2 weeks ago )
Last submission 2018-11-16 08:26:44 UTC ( 3 months ago )
File names d214f50d67235235794193fc7ad6c6ed
111382.exe
654.exe
8955272.exe
3.exe
apisetst
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Opened mutexes
Runtime DLLs