SHA256: 5f8aee58ec2f1342e84ed02d276c4369b1c2359a5e57ead9269bc6fa5d67ce59
File name: C9220A2A.exe
Detection ratio: 14 / 68
Analysis date: 2018-11-15 23:31:48 UTC ( 3 months, 1 week ago )
Antivirus Result Update
AVG Win32:MdeClass 20181115
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.b8a5e9 20180225
Cylance Unsafe 20181115
DrWeb Trojan.EmotetENT.293 20181115
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GMTX 20181115
Sophos ML heuristic 20181108
McAfee-GW-Edition BehavesLike.Win32.Ransomware.gt 20181115
Microsoft Trojan:Win32/Emotet.AC!bit 20181115
Qihoo-360 HEUR/QVM20.1.3B1F.Malware.Gen 20181115
Rising Malware.Heuristic!ET#99% (RDM+:cmRtazrFK9fb02YosixNQEubilPy) 20181115
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181115
Ad-Aware 20181116
AegisLab 20181115
AhnLab-V3 20181115
Alibaba 20180921
ALYac 20181115
Antiy-AVL 20181115
Arcabit 20181115
Avast 20181116
Avast-Mobile 20181115
Avira (no cloud) 20181115
Babable 20180918
Baidu 20181115
BitDefender 20181115
Bkav 20181115
CAT-QuickHeal 20181115
ClamAV 20181116
CMC 20181115
Comodo 20181115
Cyren 20181115
eGambit 20181115
Emsisoft 20181115
F-Prot 20181115
F-Secure 20181115
Fortinet 20181115
GData 20181115
Ikarus 20181115
Jiangmin 20181115
K7AntiVirus 20181113
K7GW 20181115
Kaspersky 20181115
Kingsoft 20181115
Malwarebytes 20181115
MAX 20181115
McAfee 20181115
eScan 20181115
NANO-Antivirus 20181115
Palo Alto Networks (Known Signatures) 20181115
Panda 20181115
Sophos AV 20181115
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181115
Tencent 20181115
TheHacker 20181113
TotalDefense 20181115
TrendMicro 20181115
TrendMicro-HouseCall 20181115
Trustlook 20181115
VBA32 20181115
ViRobot 20181115
Webroot 20181115
Yandex 20181115
Zillya 20181115
ZoneAlarm by Check Point 20181116
Zoner 20181116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-04-01 20:32:30
Entry Point 0x0000B452
Number of sections 5
PE sections
PE imports
RegSaveKeyA
CloseClusterResource
CryptEncryptMessage
CreatePalette
GetCharWidth32W
OffsetWindowOrgEx
GetModuleHandleA
GetSystemRegistryQuota
GetNLSVersion
RpcAsyncAbortCall
StrCatW
CharToOemW
WSASetLastError
SCardGetStatusChangeW
OpenColorProfileW
memset
OleCreateLink
PdhCloseQuery
Number of PE resources by type
RT_STRING 2
Number of PE resources by language
ENGLISH US 2
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2002:04:01 22:32:30+02:00
FileType Win32 EXE
PEType PE32
CodeSize 249856
LinkerVersion 6.0
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0xb452
InitializedDataSize 102400
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 8c5530d14d79c26dc0cd999ba8569d11
SHA1 207ac6ab8a5e9a1057c9d121fd36f6fc6f597712
SHA256 5f8aee58ec2f1342e84ed02d276c4369b1c2359a5e57ead9269bc6fa5d67ce59
ssdeep 3072:iAyNGM1Pulb9HitavHrPev4+Dw49iYIpAQiTdBxTdag:aNG8mLH1rmv/DJ01ZiTdbEg
authentihash 8444252753e7cd27fe745d60371b4bb1acc8a5a6f88e89cf8e4595f55e1d4db2
imphash f04cb296123c8315762d4ac863369e8e
File size 444.0 KB ( 454656 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-11-15 23:31:48 UTC ( 3 months, 1 week ago )
Last submission 2018-11-23 02:42:32 UTC ( 3 months ago )
File names englishcaching.exe
UolrAa6n.exe
ScJ2UsSe.exe
eIyZ4E8Q.exe
4TGInPoZF.exe
KFjGJZVLqNc.exe
NvQQsvVJVa.exe
ywzXhuBgdnQ.exe
M7miVPm0J.exe
T8Jn1unB.exe
CmZZEWfhK.exe
IZeYTlfh.exe
40Um3PPfecJ.exe
0_8c5530d14d79c26dc0cd999ba8569d11
oocEuYj0O.exe
RtbMDadv.exe
output.114502963.txt
tPqmtqMkr.exe
Bc6sSN32.exe
668jeDgyVN.exe
Wub0yocJ8o.exe
2lBt4Gh8F6U.exe
G4SCmwkBr3Ho.exe
nKt.exe
CtLhMZoO299.exe
Advanced heuristic and reputation engines