SHA256: 5f0df0c31c47da2cf9e379f392144bf8d2437d436d9ea7c14ff07f5d04a705e7
File name: lpiograd.exe
Detection ratio: 40 / 66
Analysis date: 2018-11-16 05:26:51 UTC (3 months ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40756021 20181116
AhnLab-V3 Trojan/Win32.Emotet.R244486 20181115
ALYac Trojan.Agent.Emotet 20181116
Arcabit Trojan.Generic.D26DE335 20181116
Avast Win32:BankerX-gen [Trj] 20181116
AVG Win32:BankerX-gen [Trj] 20181116
BitDefender Trojan.GenericKD.40756021 20181116
Bkav HW32.Packed. 20181115
ClamAV Win.Malware.Emotet-6746185-0 20181116
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.bf86fa 20180225
Cylance Unsafe 20181116
Cyren W32/Trojan.AKIH-5451 20181116
DrWeb Trojan.EmotetENT.294 20181116
Emsisoft Trojan.Emotet (A) 20181116
ESET-NOD32 a variant of Win32/Kryptik.GMTC 20181116
F-Prot W32/Emotet.IV.gen!Eldorado 20181116
F-Secure Trojan.GenericKD.40756021 20181116
Fortinet W32/Kryptik.GMOJ!tr 20181116
GData Trojan.GenericKD.40756021 20181116
Ikarus Trojan-Banker.Emotet 20181115
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053b6a31 ) 20181113
K7GW Trojan ( 0053b6a31 ) 20181115
Kaspersky Trojan-Banker.Win32.Emotet.bpsm 20181116
Malwarebytes Trojan.Emotet 20181116
McAfee RDN/Generic.grp 20181116
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181116
Microsoft Trojan:Win32/Emotet.AC!bit 20181116
eScan Trojan.GenericKD.40756021 20181116
NANO-Antivirus Trojan.Win32.Generic.fkeffn 20181116
Palo Alto Networks (Known Signatures) generic.ml 20181116
Panda Trj/RnkBend.A 20181115
Qihoo-360 Win32/Trojan.5ae 20181116
Sophos AV Mal/EncPk-ANY 20181116
Symantec Trojan.Emotet 20181116
TrendMicro TSPY_EMOTET.THAAACAH 20181116
TrendMicro-HouseCall TSPY_EMOTET.THAAACAH 20181116
Webroot W32.Trojan.Emotet 20181116
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bpsm 20181116
AegisLab 20181116
Alibaba 20180921
Antiy-AVL 20181116
Avast-Mobile 20181115
Avira (no cloud) 20181115
Babable 20180918
Baidu 20181116
CAT-QuickHeal 20181115
CMC 20181116
eGambit 20181116
Endgame 20181108
Jiangmin 20181116
Kingsoft 20181116
MAX 20181116
Rising 20181116
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181116
Tencent 20181116
TheHacker 20181113
TotalDefense 20181115
Trustlook 20181116
VBA32 20181115
ViRobot 20181116
Yandex 20181115
Zillya 20181115
Zoner 20181116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft

Product Sola Plug-in
Original name msiltcfg.dl
Internal name Aban Plug-in
File version 1, 4, 2, 50
Description Window I Stub
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1995-06-10 08:02:18
Entry Point 0x000017D6
Number of sections 6
PE sections
PE imports
GetTokenInformation
RegEnableReflectionKey
CreateRoundRectRgn
CloseEnhMetaFile
OffsetRgn
GetTextMetricsW
CancelDC
GetSystemTime
OpenFileById
GetCommTimeouts
GetVolumeInformationA
GetThreadPriority
SetCriticalSectionSpinCount
GetUILanguageInfo
LoadLibraryW
GetPrivateProfileIntA
AllocConsole
GetTickCount
GetApplicationRestartSettings
GetNumberOfConsoleMouseButtons
GetCommandLineA
FindFirstFileNameTransactedW
TzSpecificLocalTimeToSystemTime
HeapWalk
GetErrorInfo
EnumerateSecurityPackagesW
IsClipboardFormatAvailable
GetCursorInfo
IsDlgButtonChecked
IsZoomed
DefWindowProcW
GetWindowDC
DialogBoxParamW
AddClipboardFormatListener
DestroyCaret
GetMenuCheckMarkDimensions
fwprintf
malloc
GetClassFile
CoInternetGetSecurityUrl
Number of PE resources by type
RT_DIALOG 19
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
ENGLISH US 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
143360

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Window I Stub

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
12.0

EntryPoint
0x17d6

OriginalFileName
msiltcfg.dl

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Microsoft

FileExtents
|||||

FileOpenName
Aban Applet|JavaBeans|Sola Applet|SolaBeans|Sola Applet|SolaBeans

FileVersion
1, 4, 2, 50

TimeStamp
1995:06:10 01:02:18-07:00

FileType
Win32 EXE

PEType
PE32

InternalName
Aban Plug-in

ProductVersion
1, 4, 2, 50

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
AbanSoft / Sun Microsystems, Inc.

CodeSize
0

ProductName
Sola Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 98a06525b6e6529be5bb1841d5a10341
SHA1 131c14fbf86fae4750c0d454fee3e9e6b343baec
SHA256 5f0df0c31c47da2cf9e379f392144bf8d2437d436d9ea7c14ff07f5d04a705e7
ssdeep
1536:Z89WzcClVXLNsIEGOPZ5hbL86hIB748E2NX8qkLz5fnGcIKhxSSrOXKB:3zccXhp0HBdIVE2NX8qkp/GEh8zaB

authentihash 7d319ed2e426db9baa3e42763230737d200c44ed94e2360c03a1c5e4be26d0ea
imphash c3d0ebb12b2feeb270b99595835b99b8
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-13 19:34:04 UTC ( 3 months, 1 week ago )
Last submission 2018-11-14 23:35:18 UTC ( 3 months, 1 week ago )
File names tmLEznRSX2L.exe
knowndivider.exe
u0Yi3CVA3.exe
cachingatalk.exe
cachingplain.exe
shooterinv.exe
statusrestart.exe
HlhKfzHjmm.exe
msiltcfg.dl
gYUbmP4TX.exe
lpiograd.exe
519.exe
6NcNRH9X.exe
j3aL3o2yKKGpkOTaV.exe
gKBv8lsIJjpV.exe
rNnCsBlnc.exe
PQ4mN3ksv8Zw.exe
ggsFy7GZhoo.exe
Aban Plug-in
tCh0VusJbp.exe
614.exe
PeTduSE8A.exe
oWuZRY569mwg.exe
614.bin