SHA256: 4eac59e0d3e5344031f76f0a2002be6984115768d4a0eceb3da9e833aac1e421
File name: 68FoJX.exe
Detection ratio: 50 / 68
Analysis date: 2018-12-16 02:02:15 UTC ( 2 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40663805 20181215
AhnLab-V3 Malware/RL.Generic.R242199 20181215
ALYac Trojan.GenericKD.40663805 20181215
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181215
Arcabit Trojan.Generic.D26C7AFD 20181215
Avast Win32:Malware-gen 20181215
AVG Win32:Malware-gen 20181215
Avira (no cloud) HEUR/AGEN.1037087 20181216
BitDefender Trojan.GenericKD.40663805 20181216
CAT-QuickHeal Trojan.Emotet.X4 20181215
ClamAV Win.Trojan.Emotet-6748801-0 20181216
Comodo Malware@#21v45ypwqor2n 20181216
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181216
Cyren W32/Trojan.XPDY-0512 20181216
Emsisoft Trojan.GenericKD.40663805 (B) 20181216
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GMHC 20181215
F-Secure Trojan.GenericKD.40663805 20181216
Fortinet W32/GenKryptik.CPNX!tr 20181216
GData Trojan.GenericKD.40663805 20181216
Ikarus Trojan.Win32.Krypt 20181216
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0053c2ba1 ) 20181215
K7GW Trojan ( 0053c2ba1 ) 20181215
Kaspersky Trojan-Banker.Win32.Emotet.blke 20181216
Malwarebytes Trojan.Emotet 20181216
MAX malware (ai score=100) 20181216
McAfee RDN/Generic.hra 20181216
McAfee-GW-Edition RDN/Generic.hra 20181215
Microsoft Trojan:Win32/Emotet.AC!bit 20181215
eScan Trojan.GenericKD.40663805 20181215
NANO-Antivirus Trojan.Win32.Emotet.fkecqi 20181215
Palo Alto Networks (Known Signatures) generic.ml 20181216
Panda Trj/Genetic.gen 20181215
Qihoo-360 Win32/Trojan.d5e 20181216
Rising Trojan.Kryptik!1.B4A3 (CLOUD) 20181215
Sophos AV Mal/EncPk-ANY 20181215
Symantec Trojan.Emotet 20181215
TACHYON Banker/W32.Emotet.271360.B 20181214
Tencent Win32.Trojan-banker.Emotet.Eop 20181216
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.R004C0CK118 20181215
TrendMicro-HouseCall TROJ_GEN.R004C0CK118 20181215
VBA32 BScope.Trojan.Refinka 20181214
VIPRE Trojan.Win32.Generic!BT 20181215
Webroot W32.Trojan.Emotet 20181216
Yandex Trojan.PWS.Emotet! 20181214
Zillya Trojan.Emotet.Win32.6803 20181215
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.blke 20181215
AegisLab 20181214
Alibaba 20180921
Avast-Mobile 20181215
Babable 20180918
Baidu 20181207
Bkav 20181214
CMC 20181216
DrWeb 20181216
eGambit 20181216
F-Prot 20181216
Jiangmin 20181216
Kingsoft 20181216
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TheHacker 20181213
TotalDefense 20181215
ViRobot 20181215
Zoner 20181215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1994-2004, Firelight Technologies Pty, Ltd.

Product FMOD
Original name fmod.dll
Internal name FMOD
File version 3.72
Description FMOD
Comments FMOD Sound and Music System
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-30 15:45:47
Entry Point 0x0003B369
Number of sections 4
PE sections
PE imports
CryptGenRandom
InitCommonControlsEx
CryptUnregisterOIDFunction
CryptHashPublicKeyInfo
SetPixelV
StrokeAndFillPath
DPtoLP
SetPixelFormat
ImmEnumRegisterWordW
GetFileAttributesExW
GetModuleHandleA
SetCommState
GetThreadUILanguage
SetConsoleScreenBufferSize
SetCommTimeouts
MprConfigServerConnect
MprInfoBlockFind
VarDateFromI2
IUnknown_AddRef_Proxy
SetupCreateDiskSpaceListW
GetClipboardFormatNameW
VkKeyScanW
CharUpperBuffA
GetPrinterDriverDirectoryA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
5.0

Comments
FMOD Sound and Music System

LinkerVersion
13.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
3.7.2.0

LanguageCode
English (Australian)

FileFlagsMask
0x003f

FileDescription
FMOD

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
2820043032

EntryPoint
0x3b369

OriginalFileName
fmod.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1994-2004, Firelight Technologies Pty, Ltd.

FileVersion
3.72

TimeStamp
2018:10:30 16:45:47+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
FMOD

ProductVersion
3.72

UninitializedDataSize
4294967295

OSVersion
5.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Firelight Technologies Pty, Ltd

CodeSize
244736

ProductName
FMOD

ProductVersionNumber
3.7.2.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 084b08bf5446b117be9abe5d82f56213
SHA1 50fa22c26ccb6edaabad13a17f2766a4e2a1b928
SHA256 4eac59e0d3e5344031f76f0a2002be6984115768d4a0eceb3da9e833aac1e421
ssdeep
1536:Tcrx29ljqTSWW+ILiuv8qGG2k5O3ryGfDv1v/PnZGRX/gPiFeqkYSdHLGYzdB:syjVWnILiVqGH+45Lh/PZu/PQRLGYBB

authentihash 1744cdb06d235c2872d4317daffceb76a0ea6d2fcd5c9a364830a9755308d1ba
imphash 7f17ae90239bde2f46b7629e4996258f
File size 265.0 KB ( 271360 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-30 15:49:56 UTC ( 3 months, 3 weeks ago )
Last submission 2018-10-31 07:46:42 UTC ( 3 months, 3 weeks ago )
File names 68FoJX.exe
UhjPR.exe
fmod.dll
FMOD