× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4f76e48778c0f46e36edab97446d6b8d6ad794a8443c3cc9201b8bdbb431f871
File name: ULqX1MIkOSlJxRCaU.exe
Detection ratio: 14 / 67
Analysis date: 2018-11-19 19:46:13 UTC ( 3 months ago ) View latest
Antivirus Result Update
AVG Win32:MdeClass 20181119
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181119
Endgame malicious (high confidence) 20181108
Fortinet W32/GenKryptik.CRII!tr 20181119
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053c2ba1 ) 20181119
K7GW Trojan ( 0053c2ba1 ) 20181119
Microsoft Trojan:Win32/Emelent.E!cl 20181119
NANO-Antivirus Virus.Win32.Gen.ccmw 20181119
Qihoo-360 HEUR/QVM19.1.511D.Malware.Gen 20181119
Rising Trojan.Kryptik!8.8 (TFE:3:MBaVcSxOB7P) 20181119
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181118
Ad-Aware 20181119
AegisLab 20181119
AhnLab-V3 20181119
Alibaba 20180921
ALYac 20181119
Antiy-AVL 20181119
Arcabit 20181119
Avast 20181119
Avast-Mobile 20181119
Avira (no cloud) 20181119
Babable 20180918
Baidu 20181119
BitDefender 20181119
Bkav 20181119
CAT-QuickHeal 20181119
ClamAV 20181119
CMC 20181119
Cybereason 20180225
Cyren 20181119
DrWeb 20181119
eGambit 20181119
Emsisoft 20181119
ESET-NOD32 20181119
F-Prot 20181119
F-Secure 20181119
GData 20181119
Ikarus 20181119
Jiangmin 20181119
Kaspersky 20181119
Kingsoft 20181119
Malwarebytes 20181119
MAX 20181119
McAfee 20181119
McAfee-GW-Edition 20181119
eScan 20181119
Palo Alto Networks (Known Signatures) 20181119
Panda 20181119
Sophos AV 20181119
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181119
Tencent 20181119
TheHacker 20181118
TotalDefense 20181118
TrendMicro 20181119
TrendMicro-HouseCall 20181119
Trustlook 20181119
VBA32 20181119
VIPRE 20181118
ViRobot 20181119
Webroot 20181119
Zillya 20181119
ZoneAlarm by Check Point 20181119
Zoner 20181119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) Musicmatch 1998-2003

Product Musicmatch® Jukebox
Original name mmgit.dll
Internal name mmgit.dll
File version 6.1.7600
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-19 19:42:51
Entry Point 0x000BE864
Number of sections 5
PE sections
PE imports
EnumServicesStatusA
GetTextCharsetInfo
MoveToEx
GetWindowExtEx
DeleteObject
GetShortPathNameW
GetModuleHandleA
GetCurrentDirectoryA
SetConsoleCursorInfo
GetUserDefaultLCID
VirtualAlloc
GetDlgCtrlID
CreateCaret
UserHandleGrantAccess
RegisterRawInputDevices
GetComboBoxInfo
IsChild
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.3.0.44

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
294912

EntryPoint
0xbe864

OriginalFileName
mmgit.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) Musicmatch 1998-2003

FileVersion
6.1.7600

TimeStamp
2018:11:19 20:42:51+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
mmgit.dll

ProductVersion
1.03.0044

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Musicmatch , Inc.

CodeSize
786432

ProductName
Musicmatch Jukebox

ProductVersionNumber
1.3.0.44

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 49c2629c0ed95f6f9bc36b244f8872a0
SHA1 02d75c0499e57b6577b9eeb9c47cec8b2f022b4f
SHA256 4f76e48778c0f46e36edab97446d6b8d6ad794a8443c3cc9201b8bdbb431f871
ssdeep
6144:hz2mnrzwa+/cOyBk1jklgJFfBBIUpY10nW:hz2mnEBh1pBI

authentihash 932ca22d659e524468610ba2593ce254fc7475d01aa31b7deb10d67313d8802c
imphash a314d1e8eba0612f49ec5bfb8d6837f3
File size 1.0 MB ( 1077248 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-19 19:46:13 UTC ( 3 months ago )
Last submission 2018-12-01 15:52:42 UTC ( 2 months, 2 weeks ago )
File names mdieqkc2.exe
0JC5qFj3X.exe
P0A3gs11yj0.exe
voxQzeZp.exe
Yp7858ba.exe
KS8BVXxOP1.exe
ULqX1MIkOSlJxRCaU.exe
VH11yYoahjj.exe
chunkcontrol.exe
elementstatus.exe
addingrad.exe
MXjH0onSek.exe
hcz.exe
P44YfePYmq0.exe
wA60iANoL0ig.exe
1aLTOhZ
QB6cYYh0CtN.exe
qXqM9UHV.exe
49c2629c0ed95f6f9bc36b244f8872a0
pOb7SdKZhtOn.exe
H8GMAGFTTVZ3NEG.EXE
chunkengn.exe
l00wvFU9Kl.exe
VRSWBhbm.exe
49c2629c0ed95f6f9bc36b244f8872a0.virobj
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.