× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 55c659c81d5085d1f4bcc5da2a4a63b357083ab4d99c1416d2eee7aff52f5dd6
File name: SuS3419bnT6bqr.exe
Detection ratio: 13 / 69
Analysis date: 2018-10-07 08:02:12 UTC ( 4 months, 2 weeks ago ) View latest
Antivirus Result Update
Bkav HW32.Packed. 20181005
CAT-QuickHeal Trojan.Emotet.X4 20181006
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20181007
Endgame malicious (moderate confidence) 20180730
Sophos ML heuristic 20180717
McAfee-GW-Edition BehavesLike.Win32.Generic.ch 20181007
Microsoft Trojan:Win32/Fuerboos.C!cl 20181007
NANO-Antivirus Virus.Win32.Gen.ccmw 20181007
Qihoo-360 HEUR/QVM20.1.5C6B.Malware.Gen 20181007
Rising Trojan.Fuerboos!8.EFC8 (TFE:dGZlOgJlfFH45pugaA) 20181007
SentinelOne (Static ML) static engine - malicious 20180926
Symantec ML.Attribute.HighConfidence 20181006
Ad-Aware 20181007
AegisLab 20181007
AhnLab-V3 20181006
Alibaba 20180921
ALYac 20181007
Antiy-AVL 20181007
Arcabit 20181007
Avast 20181007
Avast-Mobile 20181007
AVG 20181007
Avira (no cloud) 20181006
AVware 20180925
Babable 20180918
Baidu 20180930
BitDefender 20181007
ClamAV 20181007
CMC 20181007
Comodo 20181007
Cybereason 20180225
Cyren 20181007
DrWeb 20181007
eGambit 20181007
Emsisoft 20181007
ESET-NOD32 20181007
F-Prot 20181007
F-Secure 20181007
Fortinet 20181007
GData 20181007
Ikarus 20181006
Jiangmin 20181007
K7AntiVirus 20181007
K7GW 20181007
Kaspersky 20181007
Kingsoft 20181007
Malwarebytes 20181007
MAX 20181007
McAfee 20181007
eScan 20181007
Palo Alto Networks (Known Signatures) 20181007
Panda 20181006
Sophos AV 20181007
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181007
Tencent 20181007
TheHacker 20181001
TotalDefense 20181007
TrendMicro 20181007
TrendMicro-HouseCall 20181007
Trustlook 20181007
VBA32 20181005
VIPRE 20181007
ViRobot 20181006
Webroot 20181007
Yandex 20181005
Zillya 20181005
ZoneAlarm by Check Point 20181007
Zoner 20181006
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© С Corporation. All rights reserved.

Product С® Qwe® Operating System
Original name Qwerty.dll
Internal name Qwerty.dll
File version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Description WMI CMI Plugin
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-04-28 14:30:48
Entry Point 0x0001A946
Number of sections 5
PE sections
PE imports
GetModuleHandleA
GetSystemTimes
GetUserGeoID
SetFileBandwidthReservation
FlushFileBuffers
BeginDeferWindowPos
GetProcessWindowStation
GetPrinterDriverDirectoryW
Number of PE resources by type
RT_MESSAGETABLE 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
4294967295

LinkerVersion
12.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
6.1.7601.17514

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
WMI CMI Plugin

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
54784

EntryPoint
0x1a946

OriginalFileName
Qwerty.dll

MIMEType
application/octet-stream

LegalCopyright
Corporation. All rights reserved.

FileVersion
6.1.7601.17514 (win7sp1_rtm.101119-1850)

TimeStamp
2004:04:28 16:30:48+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Qwerty.dll

ProductVersion
6.1.7601.17514

SubsystemVersion
5.0

OSVersion
4.2

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Corporation

CodeSize
109056

ProductName
Qwe Operating System

ProductVersionNumber
6.1.7601.17514

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 ebfab143516f56d269603af3cdb3a6ab
SHA1 cbc17fa6ca3272a892d7345ba67e80208fcfa6fd
SHA256 55c659c81d5085d1f4bcc5da2a4a63b357083ab4d99c1416d2eee7aff52f5dd6
ssdeep
3072:kiSqmM6UjRhGo7Xvme9S5YkD1EhonWKLArNWne+xCT2Y6:rSqmMBh97/h9S5YkBEmRA

authentihash c5b3f75e36439bd53dba8340da9978326ff7567a7add3341576708af0977d9f9
imphash 7a46f91bf4169592a75ae8de1d2fcfc2
File size 155.5 KB ( 159232 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-07 08:02:12 UTC ( 4 months, 2 weeks ago )
Last submission 2018-10-07 08:02:12 UTC ( 4 months, 2 weeks ago )
File names Qwerty.dll
SuS3419bnT6bqr.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!