SHA256: 5ae3bb6629a522abba06b526b564902b967d6c8b9b9518ce543cd2dbb91397a3
Detection ratio: 16 / 67
Analysis date: 2018-03-13 19:19:23 UTC ( 3 months, 1 week ago )
Antivirus Result Update
AegisLab Virus.W32.Mdeclass!c 20180313
Avast FileRepMalware 20180313
AVG FileRepMalware 20180313
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9962 20180313
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170201
Cylance Unsafe 20180313
Endgame malicious (high confidence) 20180308
Fortinet W32/Kryptik.GEEX!tr 20180313
Sophos ML heuristic 20180121
McAfee Emotet-FGS!6262CF51121F 20180313
McAfee-GW-Edition BehavesLike.Win32.Sivis.ch 20180313
Palo Alto Networks (Known Signatures) generic.ml 20180313
Rising Malware.XPACK-LNR/Heur!1.5594 (CLASSIC) 20180313
Sophos AV Mal/EncPk-ANR 20180313
Symantec Trojan.Gen.2 20180313
Webroot W32.Trojan.Gen 20180313
Ad-Aware 20180313
AhnLab-V3 20180313
Alibaba 20180313
ALYac 20180313
Antiy-AVL 20180313
Arcabit 20180313
Avast-Mobile 20180313
Avira (no cloud) 20180313
AVware 20180313
BitDefender 20180313
Bkav 20180313
CAT-QuickHeal 20180313
ClamAV 20180313
CMC 20180313
Comodo 20180313
Cybereason None
Cyren 20180313
DrWeb 20180313
eGambit 20180313
Emsisoft 20180313
ESET-NOD32 20180313
F-Prot 20180313
F-Secure 20180313
GData 20180313
Ikarus 20180313
Jiangmin 20180313
K7AntiVirus 20180313
K7GW 20180313
Kaspersky 20180313
Kingsoft 20180313
Malwarebytes 20180313
MAX 20180313
Microsoft 20180313
eScan 20180313
NANO-Antivirus 20180313
nProtect 20180313
Panda 20180313
Qihoo-360 20180313
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180313
Symantec Mobile Insight 20180311
Tencent 20180313
TheHacker 20180311
TotalDefense 20180313
TrendMicro 20180313
TrendMicro-HouseCall 20180313
Trustlook 20180313
VBA32 20180313
VIPRE 20180313
ViRobot 20180313
WhiteArmor 20180223
Yandex 20180313
Zillya 20180313
ZoneAlarm by Check Point 20180313
Zoner 20180313
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rights reserved.
Product Microsoft® Visual Studio® 2015
Original name MFC140KOR.DLL
Internal name MFC140KOR.DLL
File version 14.0.23026.0 built by: WCSETUP
Description MFC Language Specific Resources
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-03-13 16:10:33
Entry Point 0x00001D40
Number of sections 4
PE sections
PE imports
ImageList_AddMasked
CryptStringToBinaryW
GetBitmapBits
CallNamedPipeW
GetLastError
GetModuleHandleA
GetSystemDefaultUILanguage
GetCurrentConsoleFontEx
CreateMutexW
FlsGetValue
FreeConsole
GetACP
FlsFree
GetModuleFileNameA
GetBinaryTypeA
RpcSsGetContextBinding
CM_Get_HW_Prof_Flags_ExW
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_Interface_ListW
GetOpenClipboardWindow
GetActiveWindow
AdjustWindowRect
GetCursor
EnableWindow
GetMessagePos
GetDlgItemInt
waveOutSetPitch
waveInUnprepareHeader
EnumPrinterDataExW
Ord(29)
CoFreeUnusedLibraries
CoAddRefServerProcess
Number of PE resources by type
RT_STRING 60
RT_DIALOG 27
RT_MENU 1
RT_VERSION 1
Struct(240) 1
Number of PE resources by language
KOREAN 90
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 0.4
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 14.0.23026.0
UninitializedDataSize 1
LanguageCode Korean
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 147456
EntryPoint 0x1d40
OriginalFileName MFC140KOR.DLL
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation. All rights reserved.
FileVersion 14.0.23026.0 built by: WCSETUP
TimeStamp 2018:03:13 17:10:33+01:00
FileType Win32 EXE
PEType PE32
InternalName MFC140KOR.DLL
ProductVersion 14.0.23026.0
FileDescription MFC Language Specific Resources
OSVersion 5.1
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 0
ProductName Microsoft Visual Studio 2015
ProductVersionNumber 14.0.23026.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 6262cf51121fdcb67d0691f6be578956
SHA1 ab0dfac6561c1b57cc1728f31d0f6c915a450e9c
SHA256 5ae3bb6629a522abba06b526b564902b967d6c8b9b9518ce543cd2dbb91397a3
ssdeep 3072:tfgLLkLzKDsiPDnr9BZKuaH2qpC7oJzEZX4IFtM:t4LLkLugiPDnrpKuZqpCcJzYLt
authentihash 0d1f0461779bb2a6127e4311b0384e5dd7f9b1986dfe662195b2db3e2d6d82ca
imphash d751210b74c2b8816b838599cc5785fe
File size 156.0 KB ( 159744 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-03-13 16:14:42 UTC ( 3 months, 1 week ago )
Last submission 2018-05-24 14:21:10 UTC ( 1 month ago )
File names pMf4BuVdDM669eaXIm.exe
8810.exe
dnsiso.exe
audiocert.exe
VirusShare_6262cf51121fdcb67d0691f6be578956
regdefrag.exe
76143.exe
12938.exe
regdefrag.exe
6818.exe
MFC140KOR.DLL
93373.exe
audiocert.exe
VirusShare_6262cf51121fdcb67d0691f6be578956
0984.exe