× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5ae3bb6629a522abba06b526b564902b967d6c8b9b9518ce543cd2dbb91397a3
Detection ratio: 16 / 67
Analysis date: 2018-03-13 19:19:23 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
AegisLab Virus.W32.Mdeclass!c 20180313
Avast FileRepMalware 20180313
AVG FileRepMalware 20180313
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9962 20180313
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20170201
Cylance Unsafe 20180313
Endgame malicious (high confidence) 20180308
Fortinet W32/Kryptik.GEEX!tr 20180313
Sophos ML heuristic 20180121
McAfee Emotet-FGS!6262CF51121F 20180313
McAfee-GW-Edition BehavesLike.Win32.Sivis.ch 20180313
Palo Alto Networks (Known Signatures) generic.ml 20180313
Rising Malware.XPACK-LNR/Heur!1.5594 (CLASSIC) 20180313
Sophos AV Mal/EncPk-ANR 20180313
Symantec Trojan.Gen.2 20180313
Webroot W32.Trojan.Gen 20180313
Ad-Aware 20180313
AhnLab-V3 20180313
Alibaba 20180313
ALYac 20180313
Antiy-AVL 20180313
Arcabit 20180313
Avast-Mobile 20180313
Avira (no cloud) 20180313
AVware 20180313
BitDefender 20180313
Bkav 20180313
CAT-QuickHeal 20180313
ClamAV 20180313
CMC 20180313
Comodo 20180313
Cybereason None
Cyren 20180313
DrWeb 20180313
eGambit 20180313
Emsisoft 20180313
ESET-NOD32 20180313
F-Prot 20180313
F-Secure 20180313
GData 20180313
Ikarus 20180313
Jiangmin 20180313
K7AntiVirus 20180313
K7GW 20180313
Kaspersky 20180313
Kingsoft 20180313
Malwarebytes 20180313
MAX 20180313
Microsoft 20180313
eScan 20180313
NANO-Antivirus 20180313
nProtect 20180313
Panda 20180313
Qihoo-360 20180313
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180313
Symantec Mobile Insight 20180311
Tencent 20180313
TheHacker 20180311
TotalDefense 20180313
TrendMicro 20180313
TrendMicro-HouseCall 20180313
Trustlook 20180313
VBA32 20180313
VIPRE 20180313
ViRobot 20180313
WhiteArmor 20180223
Yandex 20180313
Zillya 20180313
ZoneAlarm by Check Point 20180313
Zoner 20180313
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Visual Studio® 2015
Original name MFC140KOR.DLL
Internal name MFC140KOR.DLL
File version 14.0.23026.0 built by: WCSETUP
Description MFC Language Specific Resources
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-03-13 16:10:33
Entry Point 0x00001D40
Number of sections 4
PE sections
PE imports
ImageList_AddMasked
CryptStringToBinaryW
GetBitmapBits
CallNamedPipeW
GetLastError
GetModuleHandleA
GetSystemDefaultUILanguage
GetCurrentConsoleFontEx
CreateMutexW
FlsGetValue
FreeConsole
GetACP
FlsFree
GetModuleFileNameA
GetBinaryTypeA
RpcSsGetContextBinding
CM_Get_HW_Prof_Flags_ExW
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_Interface_ListW
GetOpenClipboardWindow
GetActiveWindow
AdjustWindowRect
GetCursor
EnableWindow
GetMessagePos
GetDlgItemInt
waveOutSetPitch
waveInUnprepareHeader
EnumPrinterDataExW
Ord(29)
CoFreeUnusedLibraries
CoAddRefServerProcess
Number of PE resources by type
RT_STRING 60
RT_DIALOG 27
RT_MENU 1
RT_VERSION 1
Struct(240) 1
Number of PE resources by language
KOREAN 90
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
1

LinkerVersion
0.4

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
14.0.23026.0

LanguageCode
Korean

FileFlagsMask
0x003f

FileDescription
MFC Language Specific Resources

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
147456

EntryPoint
0x1d40

OriginalFileName
MFC140KOR.DLL

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserved.

FileVersion
14.0.23026.0 built by: WCSETUP

TimeStamp
2018:03:13 17:10:33+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
MFC140KOR.DLL

ProductVersion
14.0.23026.0

SubsystemVersion
5.0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
0

ProductName
Microsoft Visual Studio 2015

ProductVersionNumber
14.0.23026.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 6262cf51121fdcb67d0691f6be578956
SHA1 ab0dfac6561c1b57cc1728f31d0f6c915a450e9c
SHA256 5ae3bb6629a522abba06b526b564902b967d6c8b9b9518ce543cd2dbb91397a3
ssdeep
3072:tfgLLkLzKDsiPDnr9BZKuaH2qpC7oJzEZX4IFtM:t4LLkLugiPDnrpKuZqpCcJzYLt

authentihash 0d1f0461779bb2a6127e4311b0384e5dd7f9b1986dfe662195b2db3e2d6d82ca
imphash d751210b74c2b8816b838599cc5785fe
File size 156.0 KB ( 159744 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-03-13 16:14:42 UTC ( 7 months, 1 week ago )
Last submission 2018-05-24 14:21:10 UTC ( 5 months ago )
File names pMf4BuVdDM669eaXIm.exe
8810.exe
dnsiso.exe
audiocert.exe
VirusShare_6262cf51121fdcb67d0691f6be578956
regdefrag.exe
76143.exe
12938.exe
regdefrag.exe
6818.exe
MFC140KOR.DLL
93373.exe
audiocert.exe
VirusShare_6262cf51121fdcb67d0691f6be578956
0984.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!