SHA256: 55330a70b305c34a9bb3197912c3307f5880cde77cff782d509c05621e52e6ab
File name: 55330a70b305c34a9bb3197912c3307f5880cde77cff782d509c05621e52e6ab
Detection ratio: 9 / 67
Analysis date: 2018-09-11 10:53:48 UTC ( 5 months, 1 week ago )
Antivirus Result Update
AVG FileRepMalware 20180911
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180910
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GKQC 20180911
Microsoft Trojan:Win32/Fuerboos.A!cl 20180911
Qihoo-360 HEUR/QVM20.1.CAD9.Malware.Gen 20180911
Rising Trojan.Emotet!8.B95 (TFE:dGZlOgLI6c89weAUuQ) 20180911
SentinelOne (Static ML) static engine - malicious 20180830
Ad-Aware 20180911
AegisLab 20180911
AhnLab-V3 20180911
Alibaba 20180713
ALYac 20180911
Antiy-AVL 20180911
Arcabit 20180911
Avast 20180911
Avast-Mobile 20180911
Avira (no cloud) 20180911
AVware 20180911
Babable 20180907
BitDefender 20180911
Bkav 20180911
CAT-QuickHeal 20180909
ClamAV 20180911
CMC 20180911
Comodo 20180911
Cybereason 20180225
Cylance 20180911
Cyren 20180911
DrWeb 20180911
eGambit 20180911
Emsisoft 20180911
F-Prot 20180911
F-Secure 20180911
Fortinet 20180911
GData 20180911
Ikarus 20180911
Sophos ML 20180717
Jiangmin 20180911
K7AntiVirus 20180911
K7GW 20180911
Kaspersky 20180911
Kingsoft 20180911
Malwarebytes 20180911
MAX 20180911
McAfee 20180911
McAfee-GW-Edition 20180910
eScan 20180911
NANO-Antivirus 20180911
Palo Alto Networks (Known Signatures) 20180911
Panda 20180910
Sophos AV 20180911
SUPERAntiSpyware 20180907
Symantec 20180911
Symantec Mobile Insight 20180905
TACHYON 20180911
Tencent 20180911
TheHacker 20180907
TotalDefense 20180911
TrendMicro 20180911
TrendMicro-HouseCall 20180911
Trustlook 20180911
VBA32 20180911
VIPRE 20180911
ViRobot 20180911
Webroot 20180911
Yandex 20180910
Zillya 20180910
ZoneAlarm by Check Point 20180911
Zoner 20180910
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright License: MPL 1.1/GPL 2.0/LGPL 2.1
Product Mozilla
Internal name uconv
File version Personal
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-11 17:47:55
Entry Point 0x0001CEEA
Number of sections 5
PE sections
PE imports
RevertToSelf
GetSaveFileNameW
CryptMsgGetAndVerifySigner
SetDIBits
GetBrushOrgEx
GetDIBColorTable
OffsetRgn
SaveDC
SelectPalette
GetROP2
GetTextCharacterExtra
GetProcessId
GetSystemWindowsDirectoryA
FindCloseChangeNotification
GetModuleHandleA
WTSGetActiveConsoleSessionId
VerifyVersionInfoW
UnhandledExceptionFilter
LoadLibraryExW
GetFileType
SetVolumeLabelA
UnlockFileEx
SetThreadIdealProcessor
VerifyScripts
OutputDebugStringA
SetLocalTime
FoldStringW
LZSeek
MprConfigTransportSetInfo
MprAdminMIBServerDisconnect
ICOpenFunction
NetShareCheck
VarBoolFromDate
VariantTimeToSystemTime
VarParseNumFromStr
glEvalCoord1f
EnumPwrSchemes
RpcServerRegisterAuthInfoW
RpcMgmtWaitServerListen
SetupDiEnumDriverInfoW
SetupDiGetClassImageListExW
SHStrDupW
PathFindNextComponentW
EnumerateSecurityPackagesW
GetCaretBlinkTime
GetParent
DlgDirListA
CopyRect
LockSetForegroundWindow
GetClassLongA
InternetReadFile
InternetTimeToSystemTime
InternetGetConnectedState
InternetWriteFile
waveOutGetErrorTextW
waveInGetID
mixerGetControlDetailsW
EnumPrinterDriversW
CryptCATPutAttrInfo
SCardTransmit
GetHGlobalFromStream
OleRegGetUserType
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 0
UninitializedDataSize 1006425862
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 81408
EntryPoint 0x1ceea
MIMEType application/octet-stream
LegalCopyright License: MPL 1.1/GPL 2.0/LGPL 2.1
FileVersion Personal
TimeStamp 2018:09:11 10:47:55-07:00
FileType Win32 EXE
PEType PE32
InternalName uconv
ProductVersion Personal
SubsystemVersion 5.0
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Mozilla, Netscape
LegalTrademarks Mozilla, Netscape
ProductName Mozilla
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 6ee81f19c0b8da85487a32edf30f5bb8
SHA1 b9d3243e178801d63948ff19cd8613baa1dfeee0
SHA256 55330a70b305c34a9bb3197912c3307f5880cde77cff782d509c05621e52e6ab
ssdeep 3072:WH0jhuyeZ9/ulQy0tPzsJgSebg5FkmIyDZlGDBb2whiWz0YXdjyBBR5s2Kg0Y+PE:WHpL28QJgSebWTIyDZK2wh0YXd6BIu
authentihash 1b9f11c302f2dbca2756e1aa89e5a9381bae0e99e0f59005a43a455cb6373f37
imphash 20f23014e13604ba04a51e90a23ad714
File size 290.5 KB ( 297472 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-09-11 10:53:07 UTC ( 5 months, 1 week ago )
Last submission 2018-09-11 10:53:48 UTC ( 5 months, 1 week ago )
File names 7086224.exe
6.exe
zbetcheckin_tracker_Utrr94HF
82.exe
uconv