× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5a0e8c9b202a4aab0b037db3bccf655afaefacb73a310010c79eec456341bffb
File name: 22.exe
Detection ratio: 31 / 68
Analysis date: 2018-06-20 15:06:58 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.350680 20180620
AhnLab-V3 Trojan/Win32.Agent.R230305 20180620
ALYac Trojan.Agent.Emotet 20180620
Arcabit Trojan.Razy.D559D8 20180620
Avast Win32:Malware-gen 20180620
AVG Win32:Malware-gen 20180620
Avira (no cloud) TR/AD.Emotet.kjtmf 20180620
Babable Malware.HighConfidence 20180406
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180620
BitDefender Gen:Variant.Razy.350680 20180620
Bkav HW32.Packed.3D0B 20180620
CAT-QuickHeal Trojan.Drixed.100454 20180620
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.c975e2 20180225
Cylance Unsafe 20180620
Cyren W32/Trojan.LVQN-3626 20180620
Emsisoft Gen:Variant.Razy.350680 (B) 20180620
Endgame malicious (high confidence) 20180612
ESET-NOD32 Win32/Emotet.BK 20180620
F-Secure Gen:Variant.Razy.350680 20180620
GData Gen:Variant.Razy.350680 20180620
Malwarebytes Spyware.Emotet 20180620
MAX malware (ai score=81) 20180620
McAfee Emotet-FGR!7C631B2C975E 20180620
Microsoft Trojan:Win32/Dynamer!ac 20180620
eScan Gen:Variant.Razy.350680 20180620
Qihoo-360 Win32/Trojan.c5b 20180620
SentinelOne (Static ML) static engine - malicious 20180618
Sophos AV Mal/EncPk-ANR 20180620
Symantec ML.Attribute.HighConfidence 20180620
VBA32 BScope.Trojan.Dovs 20180620
AegisLab 20180620
Alibaba 20180620
Antiy-AVL 20180620
Avast-Mobile 20180620
AVware 20180620
ClamAV 20180620
CMC 20180620
Comodo 20180620
DrWeb 20180620
eGambit 20180620
F-Prot 20180620
Fortinet 20180620
Ikarus 20180620
Sophos ML 20180601
Jiangmin 20180620
K7AntiVirus 20180620
K7GW 20180620
Kaspersky 20180620
Kingsoft 20180620
McAfee-GW-Edition 20180620
NANO-Antivirus 20180620
Palo Alto Networks (Known Signatures) 20180620
Panda 20180620
Rising 20180620
SUPERAntiSpyware 20180620
Symantec Mobile Insight 20180619
TACHYON 20180620
Tencent 20180620
TheHacker 20180619
TrendMicro 20180620
TrendMicro-HouseCall 20180620
Trustlook 20180620
VIPRE 20180620
ViRobot 20180620
Webroot 20180620
Yandex 20180620
Zillya 20180620
ZoneAlarm by Check Point 20180620
Zoner 20180620
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c)2008-2018 CPUID. All rights reserved.

Product CPUID Hardware Monitor
Original name HWMonitor.exe
Internal name HWMonitor.exe
File version 1, 3, 5, 0
Description HWMonitor
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-20 03:33:06
Entry Point 0x00001518
Number of sections 4
PE sections
Overlays
MD5 692c8022360661692872fdc730517229
File type ASCII text
Offset 126976
Size 3
Entropy 1.58
PE imports
FindFirstFreeAce
AddAccessDeniedAce
GetSecurityDescriptorDacl
CryptCreateHash
CryptSIPAddProvider
JetMakeKey
GetFontData
PaintRgn
ExtEscape
RemoveFontMemResourceEx
SetStretchBltMode
SuspendThread
GetThreadPriority
GetTimeZoneInformation
GetSystemDefaultLocaleName
LocalFlags
SetTapePosition
GetCommState
CloseHandle
GetSystemTimeAsFileTime
GetDynamicTimeZoneInformation
lstrcmpW
VirtualAlloc
RpcStringBindingParseW
SetupGetStringFieldA
SetupGetLineTextA
PathStripPathW
UrlApplySchemeW
GetDoubleClickTime
UnregisterHotKey
FlashWindow
OpenWindowStationA
GetThreadDesktop
IsDialogMessageA
OleTranslateAccelerator
Number of PE resources by type
RT_STRING 26
RT_DIALOG 4
RT_BITMAP 4
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 34
FRENCH 3
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2018:06:20 04:33:06+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
12288

LinkerVersion
0.0

FileTypeExtension
exe

InitializedDataSize
65536

SubsystemVersion
5.0

EntryPoint
0x1518

OSVersion
5.0

ImageVersion
0.0

UninitializedDataSize
0

File identification
MD5 7c631b2c975e24887c0ed4f2047e36c5
SHA1 32fe0c23b6911e44ac60fc370a4072b50cc0b1c1
SHA256 5a0e8c9b202a4aab0b037db3bccf655afaefacb73a310010c79eec456341bffb
ssdeep
1536:BfqhgyWB5upk8p84DzpM0ai8KGJYV31Gkr4jrxU/ruymEPfb+EPpUdDZNXF:dqhgyvzyVzYVlPOrqruwPfyEPpUdDzXF

authentihash d31a684229173ad4797c043103a49bc9b2e0160e71d13a71dc96a33a9e965b69
imphash d68943607166d930691d4b4583e2bc87
File size 124.0 KB ( 126979 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe overlay

VirusTotal metadata
First submission 2018-06-20 15:06:58 UTC ( 8 months, 1 week ago )
Last submission 2018-06-20 15:06:58 UTC ( 8 months, 1 week ago )
File names 22.exe
HWMonitor.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!