× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 567823a8ecd3d0584b00da1b537f37b6f480abe8fadfb98528c15ef44ac741c3
File name: zbetcheckin_tracker_34de6662aef2a1d799132e4f32a9bbe9
Detection ratio: 12 / 70
Analysis date: 2018-12-17 12:53:52 UTC ( 2 months ago )
Antivirus Result Update
AVG FileRepMalware 20181217
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20181022
Cylance Unsafe 20181217
Emsisoft Trojan.Emotet (A) 20181217
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
Microsoft Trojan:Win32/Fuerboos.C!cl 20181216
Qihoo-360 HEUR/QVM20.1.ED07.Malware.Gen 20181217
Rising Trojan.Fuerboos!8.EFC8 (TFE:2:xBEn8WEcuzM) 20181217
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181216
Trapmine malicious.high.ml.score 20181205
Ad-Aware 20181217
AegisLab 20181217
AhnLab-V3 20181217
Alibaba 20180921
ALYac 20181217
Antiy-AVL 20181217
Arcabit 20181217
Avast 20181216
Avast-Mobile 20181216
Avira (no cloud) 20181217
Babable 20180918
Baidu 20181207
BitDefender 20181217
Bkav 20181217
CAT-QuickHeal 20181217
ClamAV 20181217
CMC 20181216
Comodo 20181217
Cybereason 20180225
Cyren 20181217
DrWeb 20181217
eGambit 20181217
ESET-NOD32 20181217
F-Prot 20181217
F-Secure 20181217
Fortinet 20181217
GData 20181217
Ikarus 20181216
Jiangmin 20181217
K7AntiVirus 20181217
K7GW 20181217
Kaspersky 20181217
Kingsoft 20181217
Malwarebytes 20181216
MAX 20181217
McAfee 20181217
McAfee-GW-Edition 20181217
eScan 20181217
NANO-Antivirus 20181217
Palo Alto Networks (Known Signatures) 20181217
Panda 20181216
Sophos AV 20181217
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181217
Tencent 20181217
TheHacker 20181216
TotalDefense 20181217
TrendMicro 20181217
TrendMicro-HouseCall 20181217
Trustlook 20181217
VBA32 20181214
VIPRE 20181216
ViRobot 20181217
Webroot 20181217
Yandex 20181217
Zillya 20181215
ZoneAlarm by Check Point 20181217
Zoner 20181217
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1996-2001 Microsoft Corporation.

Product Twain Thunker
Internal name msencode
File version 2001072500
Description Twain.dll Client's 32-Bit
Comments
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x000072D2
Number of sections 6
PE sections
PE imports
CertDuplicateCTLContext
GetColorAdjustment
EndPath
GetModuleHandleW
SetCurrentConsoleFontEx
NetLocalGroupGetInfo
BeginPaint
PackDDElParam
Ord(30)
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
LegalTrademarks
Microsoft is a registered trademark of Microsoft Corporation.

SubsystemVersion
5.0

InitializedDataSize
62976

ImageVersion
0.0

ProductName
Twain Thunker

FileVersionNumber
2001.7.25.0

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
7.1

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
2001072500

TimeStamp
2004:08:04 08:56:09+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
msencode

ProductVersion
10.0

FileDescription
Twain.dll Client's 32-Bit

OSVersion
5.0

FileOS
Windows 16-bit

LegalCopyright
Copyright 1996-2001 Microsoft Corporation.

MachineType
Intel 386 or later, and compatibles

CompanyName
Twain Working Group

CodeSize
32768

FileSubtype
0

ProductVersionNumber
10.0.0.0

EntryPoint
0x72d2

ObjectFileType
Dynamic link library

File identification
MD5 34de6662aef2a1d799132e4f32a9bbe9
SHA1 596b75eccbbc9e5bcd79dfcefa7f8cdfb7eef9f2
SHA256 567823a8ecd3d0584b00da1b537f37b6f480abe8fadfb98528c15ef44ac741c3
ssdeep
1536:Y1ZdV5sf5JfKSNCagLMV78ZW7X7N/ADGNM38vtaayRpi07LnpBSIMfWl2aLgTel:cnV5+5FKbPKgclIDGNQayzRFIISaLKQ

authentihash 55b41ebc8aba02eb06f9dff67cdf6f1dfe2884a8b196bdc11b67ef0dcaf86912
imphash 1a5875be36e37766f01e4175bc3b1b5a
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-17 12:53:52 UTC ( 2 months ago )
Last submission 2018-12-17 12:53:52 UTC ( 2 months ago )
File names msencode
zbetcheckin_tracker_34de6662aef2a1d799132e4f32a9bbe9
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!