SHA256: 5d57ea583cd17d0be4371a87e133200cc1959140fec88ec00fdc70efa40eeabc
File name: 51IOFJAD.exe
Detection ratio: 40 / 66
Analysis date: 2018-10-19 18:50:41 UTC ( 4 months ago )
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKDS.31293872 20181019
AhnLab-V3 Malware/Win32.Generic.C2766604 20181019
ALYac Trojan.Autoruns.GenericKDS.31293872 20181019
Antiy-AVL Trojan/Win32.Fuerboos 20181019
Arcabit Trojan.Autoruns.GenericS.D1DD81B0 20181019
Avast FileRepMalware 20181019
AVG FileRepMalware 20181019
BitDefender Trojan.Autoruns.GenericKDS.31293872 20181019
CAT-QuickHeal Trojan.Emotet.X4 20181018
ClamAV Win.Trojan.Emotet-6699550-0 20181019
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181019
Cyren W32/Trojan.KAUE-7960 20181019
Emsisoft Trojan.Autoruns.GenericKDS.31293872 (B) 20181019
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLTP 20181019
F-Secure Trojan.Autoruns.GenericKDS.31293872 20181019
Fortinet W32/Kryptik.GLTP!tr 20181019
GData Trojan.Autoruns.GenericKDS.31293872 20181019
Ikarus Trojan.Win32.Crypt 20181019
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053c2ba1 ) 20181019
K7GW Trojan ( 0053c2ba1 ) 20181019
Kaspersky Trojan-Banker.Win32.Emotet.bjgt 20181019
Malwarebytes Trojan.Emotet 20181019
MAX malware (ai score=100) 20181019
McAfee Emotet-FIB!F368E3E99EED 20181019
McAfee-GW-Edition Emotet-FIB!F368E3E99EED 20181019
Microsoft Trojan:Win32/Emotet!rfn 20181019
eScan Trojan.Autoruns.GenericKDS.31293872 20181019
Palo Alto Networks (Known Signatures) generic.ml 20181019
Panda Trj/Emotet.C 20181019
Qihoo-360 HEUR/QVM20.1.99CB.Malware.Gen 20181019
Rising Trojan.Kryptik!8.8 (CLOUD) 20181019
Sophos AV Mal/Generic-S 20181019
Symantec Trojan.Emotet 20181019
Tencent Win32.Trojan-banker.Emotet.Ebqe 20181019
VBA32 BScope.TrojanBanker.Emotet 20181019
Webroot W32.Trojan.Emotet 20181019
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bjgt 20181019
AegisLab 20181019
Alibaba 20180921
Avast-Mobile 20181019
Avira (no cloud) 20181019
Baidu 20181019
Bkav 20181019
CMC 20181019
Cybereason 20180225
DrWeb 20181019
eGambit 20181019
F-Prot 20181019
Jiangmin 20181019
Kingsoft 20181019
NANO-Antivirus 20181019
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181015
Symantec Mobile Insight 20181001
TACHYON 20181019
TheHacker 20181018
TotalDefense 20181018
TrendMicro 20181019
TrendMicro-HouseCall 20181019
Trustlook 20181019
ViRobot 20181019
Yandex 20181018
Zillya 20181019
Zoner 20181018
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 1997 America Online
Original name jgiqGEN.dll
Internal name jgiqGEN.dll
File version 014
Description JG ART DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-18 05:15:46
Entry Point 0x0007E8CE
Number of sections 5
PE sections
PE imports
SetSecurityDescriptorControl
GdiSetBatchLimit
GetTickCount64
SetThreadPriority
Wow64SetThreadContext
GetModuleHandleW
GetBinaryTypeA
GetCurrentThread
DrawDibSetPalette
RpcServerUnregisterIf
SetupDiOpenDevRegKey
OemToCharBuffW
GetNextDlgTabItem
GetFocus
DlgDirListComboBoxA
UnpackDDElParam
DeleteUrlCacheEntryW
SCardListCardsA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 12.0
ImageVersion 0.0
FileVersionNumber 14.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription JG ART DLL
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 24576
EntryPoint 0x7e8ce
OriginalFileName jgiqGEN.dll
MIMEType application/octet-stream
LegalCopyright Copyright (c) 1997 America Online
FileVersion 014
TimeStamp 2018:10:18 06:15:46+01:00
FileType Win32 EXE
PEType PE32
InternalName jgiqGEN.dll
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName America Online
CodeSize 519168
FileSubtype 0
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 f368e3e99eed2d612b5c4341ebf4d88e
SHA1 b1a36447a81b8d8a701f27c6f05c6814bdf38fb5
SHA256 5d57ea583cd17d0be4371a87e133200cc1959140fec88ec00fdc70efa40eeabc
ssdeep 3072:vtpf9QRBoSyUM0ZnZESE+KGacQny9xPdAKIGbAP2cBEWp/Pt:7iRyy/n83nybPdAKGPvBEW
authentihash acdb91e38172ee1707aa4c07140b645e60554e5e274e07f8d7036891d4b7f04a
imphash 6910bbd989e1f9751eb7a4566f892de3
File size 526.0 KB ( 538624 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-10-18 05:22:40 UTC ( 4 months ago )
Last submission 2018-10-18 05:22:40 UTC ( 4 months ago )
File names aeropages.exe
jgiqGEN.dll
51IOFJAD.exe