SHA256: 4f8b1a05faa6e9c673a2f3232ae393d88e4c81d2fd421afa7769d1006a1d9136
File name: latinmachine.exe
Detection ratio: 20 / 65
Analysis date: 2018-11-13 16:02:10 UTC ( 3 months ago )
Antivirus Result Update
AegisLab Trojan.Win32.Generic.ljju 20181113
Avast Win32:MdeClass 20181113
AVG Win32:MdeClass 20181113
Bkav HW32.Packed. 20181113
ClamAV Win.Malware.Emotet-6746185-0 20181113
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.fbd6ce 20180225
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/GenKryptik.CQXM 20181113
Fortinet W32/Kryptik.GMOJ!tr 20181113
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053b6a31 ) 20181113
K7GW Trojan ( 0053b6a31 ) 20181113
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181113
Microsoft Trojan:Win32/Emotet.AC!bit 20181113
Palo Alto Networks (Known Signatures) generic.ml 20181113
Qihoo-360 HEUR/QVM20.1.2E77.Malware.Gen 20181113
Symantec ML.Attribute.HighConfidence 20181113
VBA32 Malware-Cryptor.Limpopo 20181113
Webroot W32.Trojan.Emotet 20181113
Ad-Aware 20181112
AhnLab-V3 20181113
Alibaba 20180921
ALYac 20181113
Antiy-AVL 20181113
Arcabit 20181113
Avast-Mobile 20181113
Avira (no cloud) 20181113
Babable 20180918
Baidu 20181112
BitDefender 20181113
CAT-QuickHeal 20181113
CMC 20181113
Cylance 20181113
Cyren 20181113
DrWeb 20181113
eGambit 20181113
Emsisoft 20181113
F-Prot 20181113
F-Secure 20181113
GData 20181113
Ikarus 20181113
Jiangmin 20181113
Kaspersky 20181113
Kingsoft 20181113
Malwarebytes 20181113
MAX 20181113
McAfee 20181113
eScan 20181113
NANO-Antivirus 20181113
Panda 20181113
Rising 20181113
SentinelOne (Static ML) 20181011
Sophos AV 20181113
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181108
TACHYON 20181113
Tencent 20181113
TheHacker 20181108
TrendMicro 20181113
TrendMicro-HouseCall 20181113
Trustlook 20181113
ViRobot 20181113
Yandex 20181112
Zillya 20181113
ZoneAlarm by Check Point 20181113
Zoner 20181113
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft

Product Sola Plug-in
Original name msiltcfg.dl
Internal name Aban Plug-in
File version 1, 4, 2, 50
Description Window I Stub
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1995-06-10 08:02:18
Entry Point 0x0000175D
Number of sections 6
PE sections
PE imports
ImpersonateNamedPipeClient
CryptEncrypt
QueryUsersOnEncryptedFile
ImageList_Draw
CertAddStoreToCollection
CloseEnhMetaFile
SetBitmapBits
OffsetRgn
GetBkMode
SetViewportOrgEx
DeleteObject
GetSystemTime
GetThreadPriority
GetNumberOfConsoleMouseButtons
GlobalAlloc
AllocConsole
GetCommandLineA
GlobalMemoryStatusEx
FindFirstFileNameTransactedW
VARIANT_UserMarshal
VarI2FromDate
NdrConformantArrayBufferSize
StrToIntW
IsClipboardFormatAvailable
PrintWindow
DdeAccessData
IsDlgButtonChecked
DrawIcon
IsZoomed
CreateCaret
GetWindowDC
GetMenuCheckMarkDimensions
AddClipboardFormatListener
wsprintfW
SetMenuInfo
Number of PE resources by type
RT_DIALOG 19
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
ENGLISH US 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
143360

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Window I Stub

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
12.0

EntryPoint
0x175d

OriginalFileName
msiltcfg.dl

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Microsoft

FileExtents
|||||

FileOpenName
Aban Applet|JavaBeans|Sola Applet|SolaBeans|Sola Applet|SolaBeans

FileVersion
1, 4, 2, 50

TimeStamp
1995:06:10 01:02:18-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
Aban Plug-in

ProductVersion
1, 4, 2, 50

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AbanSoft / Sun Microsystems, Inc.

CodeSize
12288

ProductName
Sola Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 ffa1fc2fbd6cee03d553815f96f04e55
SHA1 907692c9af623871840a9a1b73b8ce2fe2e68de1
SHA256 4f8b1a05faa6e9c673a2f3232ae393d88e4c81d2fd421afa7769d1006a1d9136
ssdeep 3072:VkxJzCjnFJ2V0roU5g4OBoisxteBFNht6HCUm/ulOhM:2xJzCjf2VIof4OBZsjeB/baCUy

authentihash 3c104d0586ad997684840fa506cd32e8a073d9802ac3956770ed4bcf9858fd7f
imphash b3ffca736f27051b8e96933dab11a963
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-11-13 15:47:53 UTC ( 3 months ago )
Last submission 2018-11-13 16:02:10 UTC ( 3 months ago )
File names msiltcfg.dl
NqySh8U1sijE.exe
DsbXtKeLup.exe
Aban Plug-in
latinmachine.exe
QF6TeD3e5ClJ332p.exe