× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4e4940c9c8cc45e05e63e27edc9d966e2d5b2fc24c0d36dfd49869658eb5e06d
File name: 5264DBC4.exe
Detection ratio: 45 / 71
Analysis date: 2019-01-04 09:38:12 UTC ( 1 month, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40894791 20190104
AegisLab Trojan.Win32.Emotet.4!c 20190104
AhnLab-V3 Trojan/Win32.Emotet.R250466 20190104
ALYac Trojan.GenericKD.40894791 20190104
Arcabit Trojan.Generic.D2700147 20190104
Avast Win32:Malware-gen 20190104
AVG Win32:Malware-gen 20190104
BitDefender Trojan.GenericKD.40894791 20190104
Comodo TrojWare.Win32.Trojan.XPack.~gen1@1rwlif 20190104
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20190104
Cyren W32/Trojan.GYUQ-2671 20190104
eGambit Unsafe.AI_Score_81% 20190104
Emsisoft Trojan.GenericKD.40894791 (B) 20190104
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOFN 20190104
F-Secure Trojan.GenericKD.40894791 20190104
Fortinet W32/GenKryptik.CVLD!tr 20190104
GData Trojan.GenericKD.40894791 20190104
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20190104
K7GW Riskware ( 0040eff71 ) 20190104
Kaspersky Trojan-Banker.Win32.Emotet.bxnd 20190104
Malwarebytes Trojan.Emotet 20190104
MAX malware (ai score=83) 20190104
McAfee RDN/Generic.grp 20190104
McAfee-GW-Edition BehavesLike.Win32.Backdoor.hm 20190104
Microsoft Trojan:Win32/Emotet.CZ 20190104
eScan Trojan.GenericKD.40894791 20190104
NANO-Antivirus Trojan.Win32.Emotet.flsixn 20190104
Palo Alto Networks (Known Signatures) generic.ml 20190104
Panda Trj/RnkBend.A 20190103
Qihoo-360 Win32/Trojan.af8 20190104
Rising Trojan.Kryptik!8.8 (CLOUD) 20190104
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ACO 20190104
Symantec Trojan.Emotet 20190104
Tencent Win32.Trojan-banker.Emotet.Lqyn 20190104
Trapmine malicious.high.ml.score 20190103
TrendMicro-HouseCall TROJ_GEN.R002C0OA119 20190104
VBA32 BScope.Trojan.Emotet 20190104
VIPRE Trojan.Win32.Generic!BT 20190103
ViRobot Trojan.Win32.Z.Emotet.598016.A 20190103
Webroot W32.Trojan.Emotet 20190104
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bxnd 20190104
Acronis 20181227
Alibaba 20180921
Antiy-AVL 20190104
Avast-Mobile 20190103
Avira (no cloud) 20190104
AVware 20180925
Babable 20180918
Baidu 20190104
Bkav 20190103
CAT-QuickHeal 20190103
ClamAV 20190104
CMC 20190103
Cybereason 20180225
DrWeb 20190104
F-Prot 20190104
Jiangmin 20190104
Kingsoft 20190104
SUPERAntiSpyware 20190102
TACHYON 20190104
TheHacker 20181230
TotalDefense 20190104
TrendMicro 20190104
Trustlook 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190104
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Sonic Solutions

File version 1.00.51a
Description VVBBBck
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-31 03:00:08
Entry Point 0x000080A7
Number of sections 5
PE sections
PE imports
IsValidAcl
GetUserNameW
EnumServicesStatusExW
FreeEncryptionCertificateHashList
GetSecurityDescriptorControl
IsTokenRestricted
EqualDomainSid
FindFirstFreeAce
GetSecurityDescriptorSacl
GetOldestEventLogRecord
GetSecurityDescriptorOwner
LogonUserExW
LookupPrivilegeNameA
LookupAccountSidA
GetCurrentHwProfileW
GetSecurityDescriptorLength
GetFileTitleA
GetSaveFileNameW
GetOpenFileNameW
DeleteEnhMetaFile
GetSystemPaletteEntries
GetBkMode
GetPaletteEntries
GetWindowExtEx
GetDeviceGammaRamp
GetObjectA
DeleteDC
GetTextExtentExPointI
GetWorldTransform
GetTextExtentExPointW
DeleteColorSpace
GetPath
ExtTextOutA
ExtSelectClipRgn
GetBkColor
GetMetaFileA
ExtEscape
GetClipRgn
GetStretchBltMode
GetFontData
GetCharWidth32A
LineDDA
GetVolumePathNameW
GetStdHandle
FileTimeToDosDateTime
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
GetPrivateProfileSectionNamesW
EnumUILanguagesW
GetPrivateProfileStructW
FreeEnvironmentStringsA
GetLocaleInfoA
LocalAlloc
GetConsoleCursorInfo
GetLogicalDrives
VirtualLock
lstrcatW
GetTempPathA
lstrcmpiA
GetStringTypeA
WritePrivateProfileStructA
GetSystemTimeAsFileTime
GetThreadPriority
LoadResource
GlobalCompact
GlobalHandle
FindClose
WriteProcessMemory
GetLargestConsoleWindowSize
DeleteTimerQueueEx
FindNextVolumeW
GetProfileSectionW
GetLocalTime
DeleteTimerQueueTimer
WriteProfileStringW
GetTapeParameters
LocalFlags
GetConsoleDisplayMode
GetVolumeNameForVolumeMountPointW
GetSystemDirectoryA
DecodePointer
FindAtomW
DebugActiveProcess
LocalFileTimeToFileTime
FindAtomA
GetVersion
FillConsoleOutputCharacterA
ExitThread
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
FindActCtxSectionGuid
GetPrivateProfileIntW
GetComputerNameExA
ExpandEnvironmentStringsW
FreeConsole
FindVolumeMountPointClose
FindNextFileA
GetDiskFreeSpaceExA
lstrcmpW
FindFirstFileExW
ExpandEnvironmentStringsA
GetBinaryTypeA
EscapeCommFunction
GetPrivateProfileSectionA
LocalUnlock
GetShortPathNameW
GetSystemInfo
GetSystemWindowsDirectoryW
GetThreadLocale
FindResourceExA
GetUserGeoID
lstrlenW
GetShortPathNameA
GetQueuedCompletionStatus
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetCommandLineW
GetCurrentDirectoryA
GetCurrentActCtx
GetCommandLineA
FlsFree
VirtualUnlock
EnumSystemCodePagesA
GetCurrentThreadId
QueryIdleProcessorCycleTime
GetComputerNameExW
GetFileAttributesExA
GetProcessVersion
GetRecordInfoFromTypeInfo
LoadTypeLib
LoadTypeLibEx
ExtractAssociatedIconA
FindExecutableW
FindExecutableA
GetMenuPosFromID
InitializeSecurityContextA
GetUserNameExW
GetComputerObjectNameW
DeleteSecurityContext
GetMessageA
GetForegroundWindow
GetPropW
LoadBitmapW
EnumWindows
DefMDIChildProcW
FindWindowW
DefWindowProcA
GetClassInfoExA
GetShellWindow
FindWindowA
DrawFrameControl
LoadMenuW
GetRawInputDeviceInfoW
GetSysColorBrush
GetSystemMetrics
GetLastInputInfo
InsertMenuItemW
MessageBoxIndirectA
DialogBoxParamW
GetPropA
InsertMenuA
GetMessageTime
MessageBoxW
DrawTextA
GetClassWord
InsertMenuW
DefFrameProcW
GetClassLongW
GetMenuContextHelpId
IsWindowVisible
GetRawInputData
DefFrameProcA
DialogBoxParamA
GetClientRect
GetMenuCheckMarkDimensions
GetWindowInfo
IsWindow
LoadAcceleratorsA
DrawFocusRect
FindWindowExA
GetMenuDefaultItem
GetKeyboardLayout
GetMenuItemCount
DefDlgProcA
EnumThreadWindows
GetDesktopWindow
GetDialogBaseUnits
GetFocus
LoadAcceleratorsW
GetWindowRgnBox
InvalidateRgn
DeregisterShellHookWindow
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoExW
GetPrinterW
FindClosePrinterChangeNotification
DeletePrinterDriverW
FindFirstPrinterChangeNotification
GetStandardColorSpaceProfileW
vprintf
fputws
strtod
fwrite
localeconv
system
free
_time64
fprintf
strcoll
strtoul
strstr
tolower
strcspn
MkParseDisplayNameEx
IsValidURL
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileVersionNumber
1.0.51.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
VVBBBck

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
233472

EntryPoint
0x80a7

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.00.51a

TimeStamp
2018:12:30 19:00:08-08:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright Sonic Solutions

MachineType
Intel 386 or later, and compatibles

CompanyName
Sonic Solutions

CodeSize
178176

FileSubtype
0

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 afa584e66187f84b2bb08fd621d33caa
SHA1 5ce91abf67c183236342875f1d1402c4a41fff94
SHA256 4e4940c9c8cc45e05e63e27edc9d966e2d5b2fc24c0d36dfd49869658eb5e06d
ssdeep
3072:zDfNxfCwxLxLNc6WM1NXv8Rc3Tt6jpzKeX/Gcl:zLNYSLK0NXv8RcJ6VpX+

authentihash 00353447faea4bbc27f8d21ddbbf11c393f4d3948b7c1024e8b46b558d726a2f
imphash 4330515812f1ad3bf41ef55a74e644c2
File size 584.0 KB ( 598016 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-31 03:11:59 UTC ( 1 month, 3 weeks ago )
Last submission 2018-12-31 03:11:59 UTC ( 1 month, 3 weeks ago )
File names 5264DBC4.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!