SHA256: 55f84f8daa5d1eca86436d0acec7200533d4a4029385609d47555a12eb16a7fa
File name: FAILFILES.EXE
Detection ratio: 42 / 68
Analysis date: 2018-09-30 00:23:58 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40533918 20180930
AhnLab-V3 Trojan/Win32.Emotet.R238307 20180929
ALYac Trojan.GenericKD.40533918 20180929
Antiy-AVL Trojan/Win32.Azden 20180930
Arcabit Trojan.Generic.D26A7F9E 20180929
Avast Win32:Malware-gen 20180929
AVG Win32:Malware-gen 20180929
Avira (no cloud) HEUR/AGEN.1035352 20180929
BitDefender Trojan.GenericKD.40533918 20180929
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.994f95 20180225
Cylance Unsafe 20180930
Cyren W32/Emotet.GW.gen!Eldorado 20180930
DrWeb Trojan.EmotetENT.273 20180930
Emsisoft Trojan.Emotet (A) 20180929
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLEE 20180929
F-Prot W32/Emotet.GW.gen!Eldorado 20180930
F-Secure Trojan.GenericKD.40533918 20180929
Fortinet W32/Kryptik.GLEE!tr 20180929
GData Trojan.GenericKD.40533918 20180930
Ikarus Trojan.Win32.Krypt 20180929
Sophos ML heuristic 20180717
K7AntiVirus Riskware ( 0040eff71 ) 20180929
K7GW Riskware ( 0040eff71 ) 20180929
Kaspersky Trojan-Banker.Win32.Emotet.bfhl 20180930
Malwarebytes Trojan.Emotet 20180930
McAfee RDN/Generic.grp 20180929
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.ch 20180929
Microsoft Trojan:Win32/Emotet.AC!bit 20180929
eScan Trojan.GenericKD.40533918 20180929
Palo Alto Networks (Known Signatures) generic.ml 20180930
Panda Trj/GdSda.A 20180929
Qihoo-360 HEUR/QVM20.1.2775.Malware.Gen 20180930
Rising Trojan.Emotet!8.B95 (CLOUD) 20180929
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/EncPk-ANX 20180930
Symantec Trojan.Gen.2 20180929
Tencent Win32.Trojan-banker.Emotet.Sxyl 20180930
TrendMicro TROJ_GEN.R062C0CIT18 20180929
ViRobot Trojan.Win32.Z.Emotet.180224.Y 20180929
Webroot W32.Trojan.Emotet 20180930
AegisLab 20180929
Alibaba 20180921
Avast-Mobile 20180928
AVware 20180925
Babable 20180918
Baidu 20180929
Bkav 20180928
CAT-QuickHeal 20180929
ClamAV 20180929
CMC 20180929
Comodo 20180930
eGambit 20180930
Jiangmin 20180929
Kingsoft 20180930
MAX 20180930
NANO-Antivirus 20180930
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180929
TheHacker 20180927
TotalDefense 20180929
TrendMicro-HouseCall 20180929
Trustlook 20180930
VBA32 20180928
VIPRE 20180929
Yandex 20180927
Zillya 20180928
ZoneAlarm by Check Point 20180925
Zoner 20180927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-27 21:00:25
Entry Point 0x00004180
Number of sections 5
PE sections
PE imports
RegSaveKeyExW
GetSecurityDescriptorControl
SetFileSecurityW
CreateToolbarEx
GetOpenFileNameW
CryptMsgGetAndVerifySigner
CryptStringToBinaryA
JetSetColumns
PaintRgn
GetCharABCWidthsW
GetCharacterPlacementW
InvertRgn
GetClipRgn
RectVisible
EqualRgn
ExtCreateRegion
EnumFontsA
GetBkColor
CreateFontW
ImmGetCompositionStringW
GetUserDefaultUILanguage
PeekNamedPipe
CompareStringW
FillConsoleOutputAttribute
SetCriticalSectionSpinCount
SetCurrentDirectoryW
SetTimerQueueTimer
PostQueuedCompletionStatus
GetNamedPipeServerProcessId
ResetEvent
FreeConsole
InterlockedCompareExchange
GetCurrencyFormatW
LZOpenFileW
MprConfigBufferFree
VARIANT_UserFree
SysAllocStringLen
glGetError
glTexCoord2f
WriteGlobalPwrPolicy
RpcUserFree
SetupInstallServicesFromInfSectionExW
SetupFindNextMatchLineW
CM_Get_Device_ID_ExW
PathIsSystemFolderW
QuerySecurityContextToken
DlgDirSelectComboBoxExA
GetOpenClipboardWindow
GetWindow
ExcludeUpdateRgn
CopyAcceleratorTableW
GetCursor
ChildWindowFromPoint
EnumDisplaySettingsExW
GetLastInputInfo
SetDlgItemTextW
midiOutGetDevCapsA
mciGetCreatorTask
EnumFormsW
DeletePrinter
SCardGetProviderIdA
CoUnmarshalHresult
OleBuildVersion
GetConvertStg
PdhEnumObjectItemsW
Number of PE resources by type
RT_MANIFEST 1
Number of PE resources by language
CHINESE SIMPLIFIED 1
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:09:27 22:00:25+01:00
FileType Win32 EXE
PEType PE32
CodeSize 159744
LinkerVersion 16.1
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x4180
InitializedDataSize 49152
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 5e57d24994f9512065435b7fe773ec84
SHA1 a21989d42fd6bc64feefc3c9b2378fb7c9fbec56
SHA256 55f84f8daa5d1eca86436d0acec7200533d4a4029385609d47555a12eb16a7fa
ssdeep 1536:jcHFt6TfhlqPNSgK/u6XSg3PYhC+3x5Wnn5WtXoNHTQysTE6scbwOMahnnr9NaH:8Fw+Jp6igwUc7anItXkc66bkqF9NaH
authentihash 2812673e664974489a72e99746b4d5273ddd9b53cd63b625aa7eef86c0d5aee8
imphash c69f53f14245e3b3c2cc2de80c003a9d
File size 176.0 KB ( 180224 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-09-27 21:03:51 UTC ( 4 months, 3 weeks ago )
Last submission 2018-11-16 19:08:13 UTC ( 3 months ago )
File names EZIUOJ0H8ZFV.EXE
XQTZJFBB6SCVCSE.EXE
FAILFILES.EXE
knD2Zb.exe
20572616.EXE