SHA256: 56cd4e5f74f51cb3c95cfd518c0c4332127e5e7edbdacdfd303d1bd5a8f7c05f
File name: f12117d65a1a0f111d133da0b42d1e70.virus
Detection ratio: 37 / 68
Analysis date: 2017-12-28 22:10:37 UTC ( 11 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.12699110 20171225
AhnLab-V3 Trojan/Win32.Emotet.R216356 20171228
ALYac Trojan.GenericKD.12699110 20171228
Arcabit Trojan.Generic.DC1C5E6 20171228
Avast FileRepMetagen [Malware] 20171228
AVG FileRepMetagen [Malware] 20171228
Avira (no cloud) TR/Crypt.Xpack.zubbm 20171228
AVware Trojan.Win32.Generic!BT 20171228
BitDefender Trojan.GenericKD.12699110 20171228
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20171016
Cylance Unsafe 20171228
Cyren W32/Trojan.XZDK-8408 20171228
Emsisoft Trojan.GenericKD.12699110 (B) 20171228
Endgame malicious (high confidence) 20171130
ESET-NOD32 a variant of Win32/Kryptik.GAXN 20171228
F-Secure Trojan.GenericKD.12699110 20171228
Fortinet W32/Kryptik.GAXN!tr 20171228
GData Trojan.GenericKD.12699110 20171228
Sophos ML heuristic 20170914
Kaspersky Trojan.Win32.Dovs.epa 20171228
Malwarebytes Trojan.Emotet 20171228
MAX malware (ai score=81) 20171228
McAfee Emotet-FDM!F12117D65A1A 20171228
McAfee-GW-Edition BehavesLike.Win32.Trojan.cc 20171228
eScan Trojan.GenericKD.12699110 20171228
Panda Trj/RnkBend.A 20171228
Qihoo-360 HEUR/QVM20.1.27EB.Malware.Gen 20171228
Rising Trojan.Kryptik!8.8 (TFE:3:I5Cc2gyLMNI) 20171228
SentinelOne (Static ML) static engine - malicious 20171224
Sophos AV Mal/EncPk-ANR 20171228
Symantec Trojan.Emotet 20171227
Tencent Suspicious.Heuristic.Gen.b.0 20171228
TrendMicro TROJ_GEN.R039C0OLR17 20171228
TrendMicro-HouseCall TROJ_GEN.R039C0OLR17 20171228
VIPRE Trojan.Win32.Generic!BT 20171228
Webroot W32.Trojan.Emotet 20171228
ZoneAlarm by Check Point Trojan.Win32.Dovs.epa 20171228
AegisLab 20171228
Alibaba 20171228
Antiy-AVL 20171228
Avast-Mobile 20171228
Baidu 20171227
Bkav 20171228
CAT-QuickHeal 20171228
ClamAV 20171228
CMC 20171228
Comodo 20171228
Cybereason 20171103
DrWeb 20171228
eGambit 20171228
F-Prot 20171228
Ikarus 20171228
Jiangmin 20171228
K7AntiVirus 20171228
K7GW 20171228
Kingsoft 20171228
Microsoft 20171228
NANO-Antivirus 20171228
nProtect 20171228
Palo Alto Networks (Known Signatures) 20171228
SUPERAntiSpyware 20171228
Symantec Mobile Insight 20171228
TheHacker 20171226
TotalDefense 20171228
Trustlook 20171228
VBA32 20171228
ViRobot 20171228
WhiteArmor 20171226
Yandex 20171225
Zillya 20171228
Zoner 20171228
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-12-24 06:30:48
Entry Point 0x00018C60
Number of sections 4
PE sections
PE imports
Ord(526)
GetMessagePos
inet_addr
WSACleanup
SCardBeginTransaction
Ord(30)
Ord(29)
CoUninitialize
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2017:12:24 07:30:48+01:00
FileType Win32 EXE
PEType PE32
CodeSize 40960
LinkerVersion 12.0
EntryPoint 0x18c60
InitializedDataSize 16384
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 f12117d65a1a0f111d133da0b42d1e70
SHA1 3df9789cd6a76f97a4ae316cb814317f612f9d9d
SHA256 56cd4e5f74f51cb3c95cfd518c0c4332127e5e7edbdacdfd303d1bd5a8f7c05f
ssdeep 1536:TR1pmCoLPoMwTQSzNDRrF1Z6BOZuUPo0Pl0evO2/YmuQkbqzmOmDvhcA09ogV:1jmCoSTQcRrBZuaWT2/YmAOmtDvhc2A

authentihash 7050ff6b168f6f9caa60da6b9a41eb7f1f3cd39c99acdfe8e8c23373a9d55823
imphash 6b6c44091d9f9f02544f1d1534545b78
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe

VirusTotal metadata
First submission 2017-12-28 22:10:37 UTC ( 11 months, 3 weeks ago )
Last submission 2018-05-26 18:04:04 UTC ( 6 months, 3 weeks ago )
File names f12117d65a1a0f111d133da0b42d1e70.virus