SHA256: 587baa0b7af98711476114f00f7a7759dc142d4a15d2c912f2ada954221f4ba6
File name: 3.exe
Detection ratio: 12 / 65
Analysis date: 2018-09-11 09:37:26 UTC ( 5 months, 1 week ago )
Antivirus Result Update
Avast FileRepMalware 20180911
AVG FileRepMalware 20180911
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180910
CrowdStrike Falcon (ML) malicious_confidence_70% (D) 20180723
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GKQC 20180911
McAfee Emotet-FHQ!E2F418E8453F 20180911
Microsoft Trojan:Win32/Emotet.AC!bit 20180911
Palo Alto Networks (Known Signatures) generic.ml 20180911
Qihoo-360 HEUR/QVM20.1.CA90.Malware.Gen 20180911
Rising Trojan.Emotet!8.B95 (TFE:2:UEXKJPQcL3P) 20180911
SentinelOne (Static ML) static engine - malicious 20180830
Ad-Aware 20180911
AegisLab 20180911
AhnLab-V3 20180910
Alibaba 20180713
ALYac 20180911
Antiy-AVL 20180911
Arcabit 20180911
Avast-Mobile 20180911
Avira (no cloud) 20180911
AVware 20180911
Babable 20180907
BitDefender 20180911
Bkav 20180911
CAT-QuickHeal 20180909
ClamAV 20180911
CMC 20180911
Comodo 20180911
Cybereason 20180225
Cylance 20180911
Cyren 20180911
DrWeb 20180911
eGambit 20180911
Emsisoft 20180911
F-Prot 20180911
F-Secure 20180911
Fortinet 20180911
GData 20180911
Ikarus 20180911
Sophos ML 20180717
Jiangmin 20180911
K7AntiVirus 20180911
K7GW 20180911
Kaspersky 20180911
Kingsoft 20180911
Malwarebytes 20180911
MAX 20180911
McAfee-GW-Edition 20180910
eScan 20180911
NANO-Antivirus 20180911
Panda 20180910
Sophos AV 20180911
SUPERAntiSpyware 20180907
Symantec 20180911
Symantec Mobile Insight 20180905
TACHYON 20180911
Tencent 20180911
TheHacker 20180907
TrendMicro 20180911
TrendMicro-HouseCall 20180911
Trustlook 20180911
VBA32 20180911
VIPRE 20180911
ViRobot 20180911
Webroot 20180911
Yandex 20180910
Zillya 20180910
ZoneAlarm by Check Point 20180911
Zoner 20180910
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright License: MPL 1.1/GPL 2.0/LGPL 2.1
Product Mozilla
Internal name uconv
File version Personal
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-11 16:05:03
Entry Point 0x0001BF20
Number of sections 5
PE sections
PE imports
RevertToSelf
GetSaveFileNameW
CryptMsgGetAndVerifySigner
GetBrushOrgEx
SetDIBits
GetDIBColorTable
OffsetRgn
SaveDC
SelectPalette
GetROP2
GetTextCharacterExtra
GetProcessId
GetSystemWindowsDirectoryA
SetVolumeLabelA
SetThreadIdealProcessor
GetModuleHandleA
WTSGetActiveConsoleSessionId
UnhandledExceptionFilter
LoadLibraryExW
GetFileType
FoldStringW
UnlockFileEx
SetLocalTime
VerifyScripts
OutputDebugStringA
VerifyVersionInfoW
FindCloseChangeNotification
LZSeek
MprConfigTransportSetInfo
MprAdminMIBServerDisconnect
ICOpenFunction
NetShareCheck
VarBoolFromDate
VariantTimeToSystemTime
VarParseNumFromStr
glEvalCoord1f
EnumPwrSchemes
RpcServerRegisterAuthInfoW
RpcMgmtWaitServerListen
SetupDiEnumDriverInfoW
SetupDiGetClassImageListExW
PathFindNextComponentW
SHStrDupW
EnumerateSecurityPackagesW
GetCaretBlinkTime
GetParent
DlgDirListA
CopyRect
LockSetForegroundWindow
GetClassLongA
InternetReadFile
InternetWriteFile
InternetGetConnectedState
InternetTimeToSystemTime
waveOutGetErrorTextW
waveInGetID
mixerGetControlDetailsW
EnumPrinterDriversW
CryptCATPutAttrInfo
SCardTransmit
GetHGlobalFromStream
OleRegGetUserType
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 0
UninitializedDataSize 1006425862
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.0.0.0
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 79360
EntryPoint 0x1bf20
MIMEType application/octet-stream
LegalCopyright License: MPL 1.1/GPL 2.0/LGPL 2.1
FileVersion Personal
TimeStamp 2018:09:11 18:05:03+02:00
FileType Win32 EXE
PEType PE32
InternalName uconv
ProductVersion Personal
SubsystemVersion 5.0
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Mozilla, Netscape
LegalTrademarks Mozilla, Netscape
ProductName Mozilla
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 e2f418e8453f5e0bc00c92bf9514ffaf
SHA1 31c83b5d3c93fd6d8a213cee1cb55a8408ad2201
SHA256 587baa0b7af98711476114f00f7a7759dc142d4a15d2c912f2ada954221f4ba6
ssdeep
3072:ZWSM/HPFEd8jaAaB6dwnLkRk/nIfglDKc4OgPe3vxBdBR8u0QFCIuy2QAU4eit:gFEd8daB6GLRnInF1e3+uWIvU

authentihash 725b81cce2f38bf8a2d0ef55cecd08a4775b35b9e2eb8977bb6d11b06e871a25
imphash 29540a4b8af3961c19ed2b45f65e2c98
File size 284.0 KB ( 290816 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-09-11 09:14:18 UTC ( 5 months, 1 week ago )
Last submission 2018-09-11 09:21:50 UTC ( 5 months, 1 week ago )
File names 3.exe
76.exe
99.exe
uconv
GMEMcD.exe