SHA256: 506fa4b97cb81314aa929dee6349218e06e85fbc4f78469592e0a4b90eab17cd
File name: 58c90e6e0d3d1e3217df4dbebfd806ca6e7181a9
Detection ratio: 37 / 68
Analysis date: 2018-06-20 05:35:10 UTC (8 months ago)
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.350680 20180620
AegisLab Ml.Attribute.Gen!c 20180620
Arcabit Trojan.Razy.D559D8 20180620
Avast Win32:Malware-gen 20180620
AVG Win32:Malware-gen 20180620
Babable Malware.HighConfidence 20180406
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180620
BitDefender Gen:Variant.Razy.350680 20180620
Bkav HW32.Packed.3D0B 20180619
CAT-QuickHeal Trojan.Drixed.100454 20180620
Comodo CloudScanner.Trojan.Gen 20180620
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cybereason malicious.b4e5dc 20180225
Cylance Unsafe 20180620
Cyren W32/Trojan.LVQN-3626 20180620
Emsisoft Gen:Variant.Razy.350680 (B) 20180620
Endgame malicious (high confidence) 20180612
ESET-NOD32 Win32/Emotet.BK 20180620
F-Secure Gen:Variant.Razy.350680 20180620
GData Gen:Variant.Razy.350680 20180620
Ikarus Win32.Outbreak 20180619
Kaspersky UDS:DangerousObject.Multi.Generic 20180620
Malwarebytes Spyware.Emotet 20180620
MAX malware (ai score=90) 20180620
McAfee Emotet-FGR!99D25DCB4E5D 20180620
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180620
Microsoft Trojan:Win32/Cloxer.D!cl 20180619
eScan Gen:Variant.Razy.350680 20180620
Palo Alto Networks (Known Signatures) generic.ml 20180620
Panda Trj/RnkBend.A 20180619
SentinelOne (Static ML) static engine - malicious 20180618
Sophos AV Mal/Generic-S 20180620
Symantec ML.Attribute.HighConfidence 20180620
TrendMicro-HouseCall Suspicious_GEN.F47V0619 20180620
VBA32 BScope.Trojan.Dovs 20180619
Webroot W32.Trojan.Emotet 20180620
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180620
AhnLab-V3 20180620
Alibaba 20180620
ALYac 20180620
Antiy-AVL 20180620
Avast-Mobile 20180619
Avira (no cloud) 20180619
AVware 20180618
ClamAV 20180620
CMC 20180620
DrWeb 20180620
eGambit 20180620
F-Prot 20180620
Fortinet 20180620
Sophos ML 20180601
Jiangmin 20180620
K7AntiVirus 20180619
K7GW 20180620
Kingsoft 20180620
NANO-Antivirus 20180620
Qihoo-360 20180620
Rising 20180620
SUPERAntiSpyware 20180620
Symantec Mobile Insight 20180619
TACHYON 20180620
Tencent 20180620
TheHacker 20180619
TotalDefense 20180620
TrendMicro 20180620
Trustlook 20180620
VIPRE 20180620
ViRobot 20180619
Yandex 20180618
Zillya 20180619
Zoner 20180619
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (c)2008-2018 CPUID. All rights reserved.
Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-20 03:33:06
Entry Point 0x00001518
Number of sections 4
PE sections
PE imports
FindFirstFreeAce
AddAccessDeniedAce
GetSecurityDescriptorDacl
CryptCreateHash
CryptSIPAddProvider
JetMakeKey
GetFontData
PaintRgn
ExtEscape
RemoveFontMemResourceEx
SetStretchBltMode
SuspendThread
GetThreadPriority
GetTimeZoneInformation
GetSystemDefaultLocaleName
LocalFlags
SetTapePosition
GetCommState
CloseHandle
GetSystemTimeAsFileTime
GetDynamicTimeZoneInformation
lstrcmpW
VirtualAlloc
RpcStringBindingParseW
SetupGetStringFieldA
SetupGetLineTextA
PathStripPathW
UrlApplySchemeW
GetDoubleClickTime
UnregisterHotKey
FlashWindow
OpenWindowStationA
GetThreadDesktop
IsDialogMessageA
OleTranslateAccelerator
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:06:20 05:33:06+02:00
FileType Win32 EXE
PEType PE32
CodeSize 12288
LinkerVersion 0.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x1518
InitializedDataSize 65536
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0
Compressed bundles
File identification
MD5 99d25dcb4e5dc2d4e93bebf01d84e947
SHA1 58c90e6e0d3d1e3217df4dbebfd806ca6e7181a9
SHA256 506fa4b97cb81314aa929dee6349218e06e85fbc4f78469592e0a4b90eab17cd
ssdeep 1536:BfqhgyWB5upk8p84DzpM0ai8KGJYV31Gkr4jrxU/ruymEPfb+EPpUdDZNX:dqhgyvzyVzYVlPOrqruwPfyEPpUdDzX
authentihash 7d5a84c168c40bc6ec1ba909261aa9d975fa84b767e80ce11408ef28d7500c21
imphash d68943607166d930691d4b4583e2bc87
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-06-19 20:44:50 UTC ( 8 months, 1 week ago )
Last submission 2018-08-02 07:51:15 UTC ( 6 months, 3 weeks ago )
File names output.113470804.txt
98324.exe
1351.exe
output.113469510.txt
rUrhSbt.exe
HWMonitor.exe
17108.exe
57844.exe
27456.exe
output.113469511.txt
58c90e6e0d3d1e3217df4dbebfd806ca6e7181a9
506fa4b97cb81314aa929dee6349218e06e85fbc4f78469592e0a4b90eab17cd.bin.rename
3452.exe
3291.exe