SHA256: 59ab1823d235bdc8974f0d96f16b65d8f5cb2801d4ea5c2df28b2d77ef20ac2f
File name: j1bgh.exe
Detection ratio: 14 / 66
Analysis date: 2018-11-19 22:51:03 UTC ( 3 months ago )
Antivirus Result Update
Avast Win32:MdeClass 20181119
AVG Win32:MdeClass 20181119
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20181119
Endgame malicious (high confidence) 20181108
Fortinet W32/GenKryptik.CRII!tr 20181119
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053c2ba1 ) 20181119
K7GW Trojan ( 0053c2ba1 ) 20181119
Microsoft Trojan:Win32/Emelent.E!cl 20181119
NANO-Antivirus Virus.Win32.Gen.ccmw 20181119
Qihoo-360 HEUR/QVM19.1.5193.Malware.Gen 20181119
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181118
Ad-Aware 20181119
AegisLab 20181119
AhnLab-V3 20181119
Alibaba 20180921
ALYac 20181119
Antiy-AVL 20181119
Arcabit 20181119
Avast-Mobile 20181119
Avira (no cloud) 20181119
Babable 20180918
Baidu 20181119
BitDefender 20181119
Bkav 20181119
CAT-QuickHeal 20181119
CMC 20181119
Cybereason 20180225
Cyren 20181119
DrWeb 20181119
eGambit 20181119
Emsisoft 20181119
ESET-NOD32 20181119
F-Prot 20181119
F-Secure 20181119
GData 20181119
Ikarus 20181119
Jiangmin 20181119
Kaspersky 20181119
Kingsoft 20181119
Malwarebytes 20181119
MAX 20181119
McAfee 20181119
McAfee-GW-Edition 20181119
eScan 20181119
Palo Alto Networks (Known Signatures) 20181119
Panda 20181119
Rising 20181119
Sophos AV 20181119
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181119
Tencent 20181119
TheHacker 20181118
TotalDefense 20181118
TrendMicro 20181119
TrendMicro-HouseCall 20181119
Trustlook 20181119
VBA32 20181119
ViRobot 20181119
Webroot 20181119
Yandex 20181119
Zillya 20181119
ZoneAlarm by Check Point 20181119
Zoner 20181119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) Musicmatch 1998-2003

Product Musicmatch® Jukebox
Original name mmgit.dll
Internal name mmgit.dll
File version 6.1.7600
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-19 22:49:52
Entry Point 0x000BDFFF
Number of sections 5
PE sections
PE imports
EnumServicesStatusA
GetWindowExtEx
MoveToEx
DeleteObject
GetTextCharsetInfo
GetShortPathNameW
GetModuleHandleA
GetCurrentDirectoryA
SetConsoleCursorInfo
GetUserDefaultLCID
VirtualAlloc
GetDlgCtrlID
CreateCaret
UserHandleGrantAccess
RegisterRawInputDevices
GetComboBoxInfo
IsChild
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.3.0.44

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ApiSet Stub DLL

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
294912

EntryPoint
0xbdfff

OriginalFileName
mmgit.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) Musicmatch 1998-2003

FileVersion
6.1.7600

TimeStamp
2018:11:19 14:49:52-08:00

FileType
Win32 EXE

PEType
PE32

InternalName
mmgit.dll

ProductVersion
1.03.0044

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Musicmatch , Inc.

CodeSize
782336

ProductName
Musicmatch Jukebox

ProductVersionNumber
1.3.0.44

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Execution parents
File identification
MD5 e4ec05dc2b2e5a0e913d24186e101164
SHA1 c77bb5e1688e2c41ef78cf82ad7da4e2cc331d86
SHA256 59ab1823d235bdc8974f0d96f16b65d8f5cb2801d4ea5c2df28b2d77ef20ac2f
ssdeep
3072:xMO9Z3IZ0VALHECPqjaiSP0uppeDQER6Tg9zh14M:eq3IZ3pPHHCRkg9zH4

authentihash fbd6e3bf8321cc050b63a7f1d7eb7e32cecc595eac091a9f0e95ffede59ada97
imphash d5c47701ace2832f9725a4a417f71367
File size 1.0 MB ( 1073152 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-19 22:51:03 UTC ( 3 months ago )
Last submission 2018-11-27 05:43:19 UTC ( 2 months, 3 weeks ago )
File names Rrf8I09jjRq.exe
oK3oHp13uC6.exe
tlntaddin.henk
EAnTOuZEAQ.exe
gOfS1XakWvWh.exe
HfnWBBWRI.exe
elementstatus.exe
j1bgh.exe
addingrad.exe
knownpwd.exe
usbccidgdi.exe
elementsame.exe
e4ec05dc2b2e5a0e913d24186e101164
iCEIhw3j.exe
VfZjrhR0KwPo.exe
componlpio.exe
pwdavi.exe
NWxWV8bKnH.exe
sensoravi.exe
ClUoJasWnbRj.exe
2.exe
sddlpass.exe
extplain.exe
strcompon.exe
cachingcompon.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.