SHA256: 600761a22ad404d1a3ec024c23f515ad74f247bacf9f96d85d5634ccd4f3b267
File name: jRX2DBXnPu07.exe
Detection ratio: 44 / 69
Analysis date: 2019-01-03 01:56:34 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20181227
Ad-Aware Trojan.Autoruns.GenericKDS.31474354 20190102
ALYac Trojan.Autoruns.GenericKDS.31474354 20190102
Arcabit Trojan.Autoruns.GenericS.D1E042B2 20190102
Avast Win32:MalwareX-gen [Trj] 20190102
AVG Win32:MalwareX-gen [Trj] 20190102
Avira (no cloud) TR/AD.Emotet.atbih 20190102
BitDefender Trojan.Autoruns.GenericKDS.31474354 20190102
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.167e19 20180225
Cylance Unsafe 20190103
Cyren W32/Trojan.TLYL-8856 20190102
eGambit Unsafe.AI_Score_99% 20190103
Emsisoft Trojan.Autoruns.GenericKDS.31474354 (B) 20190102
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOFY 20190103
F-Secure Trojan.Autoruns.GenericKDS.31474354 20190102
Fortinet W32/GenKryptik.CVMJ!tr 20190102
GData Win32.Trojan-Spy.Emotet.DR@gen 20190102
Ikarus Trojan-Banker.Emotet 20190102
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20190102
K7GW Riskware ( 0040eff71 ) 20190102
Kaspersky Trojan-Banker.Win32.Emotet.bxpe 20190102
Malwarebytes Trojan.Emotet 20190102
MAX malware (ai score=86) 20190103
McAfee Emotet-FID!3F602FB167E1 20190103
McAfee-GW-Edition BehavesLike.Win32.Backdoor.cc 20190103
Microsoft Trojan:Win32/Emotet.AC!bit 20190103
eScan Trojan.Autoruns.GenericKDS.31474354 20190103
Palo Alto Networks (Known Signatures) generic.ml 20190103
Panda Trj/RnkBend.A 20190102
Qihoo-360 HEUR/QVM20.1.3CF7.Malware.Gen 20190103
Rising Trojan.Fuery!8.EAFB (CLOUD) 20190103
Sophos AV Mal/EncPk-AOI 20190103
Symantec Trojan.Emotet 20190103
TACHYON Banker/W32.Emotet.159744.AE 20190102
Tencent Win32.Trojan-banker.Emotet.Lmuq 20190103
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_FRS.VSN01A19 20190103
TrendMicro-HouseCall TROJ_FRS.VSN01A19 20190103
ViRobot Trojan.Win32.Z.Emotet.159744.Z 20190103
Webroot W32.Trojan.Emotet 20190103
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bxpe 20190102
AegisLab 20190102
Alibaba 20180921
Antiy-AVL 20190102
Avast-Mobile 20190102
Babable 20180918
Baidu 20190102
Bkav 20190102
CAT-QuickHeal 20190102
ClamAV 20190102
CMC 20190102
Comodo 20190102
DrWeb 20190102
F-Prot 20190102
Jiangmin 20190102
Kingsoft 20190103
NANO-Antivirus 20190103
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190102
TheHacker 20181230
TotalDefense 20190102
Trustlook 20190103
VBA32 20181229
Yandex 20181229
Zillya 20190102
Zoner 20190102
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-14 22:00:48
Entry Point 0x00009C60
Number of sections 8
PE sections
PE imports
GetSidSubAuthority
DuplicateToken
EqualDomainSid
IsTokenRestricted
GetPrivateObjectSecurity
InitializeSecurityDescriptor
FindFirstFreeAce
GetOldestEventLogRecord
GetSecurityDescriptorOwner
GetFileSecurityA
EqualPrefixSid
LookupPrivilegeNameA
GetCurrentHwProfileW
DecryptFileW
GetSecurityDescriptorLength
GetClusterFromResource
GetClusterResourceNetworkName
GetFileTitleA
FindTextA
GetDIBColorTable
GetRgnBox
GetROP2
GetObjectType
GetLayout
GetObjectA
LineTo
GetTextExtentExPointI
GetWorldTransform
GetRegionData
FillPath
GetCharacterPlacementA
GetOutlineTextMetricsA
GetMetaFileBitsEx
ExtCreateRegion
GdiFlush
GetTextFaceA
GetClipRgn
GetTextExtentPoint32A
GetCharWidth32W
GetTextColor
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetTextCharacterExtra
GetUserDefaultUILanguage
GetVolumePathNameW
IsProcessorFeaturePresent
GetConsoleOutputCP
IsValidLanguageGroup
GetConsoleFontSize
GetProcessWorkingSetSize
LoadLibraryW
GetProfileStringW
GetPrivateProfileIntA
DefineDosDeviceA
GetStringTypeExA
GetSystemDefaultLCID
VirtualUnlock
GetACP
GetLocalTime
GlobalFindAtomW
GetCommTimeouts
GetPriorityClass
SwitchToThread
VirtualFreeEx
GlobalGetAtomNameA
GetSystemWindowsDirectoryW
GetVolumeInformationW
GetConsoleTitleW
GetCommandLineW
GetCurrentDirectoryA
EnumSystemLocalesW
FatalAppExitA
GetCommandLineA
GetTapePosition
EscapeCommFunction
FindNextChangeNotification
lstrcpynW
GetCommModemStatus
GetSystemDefaultLangID
LockFileEx
GetFileSizeEx
LocalFlags
GetStringTypeA
ExpandEnvironmentStringsW
lstrcmpA
WritePrivateProfileStructA
ReadFile
FormatMessageA
DeleteAtom
FreeConsole
GetComputerNameA
GetThreadTimes
IsValidLocale
ExitThread
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
GetLongPathNameW
GetFileAttributesA
GetFileAttributesExW
LocalFree
WriteProcessMemory
GetThreadPriority
GetDefaultCommConfigW
GlobalHandle
GetLogicalDriveStringsW
VirtualQueryEx
GetLongPathNameA
GetProfileIntA
DeleteVolumeMountPointW
GetTickCount
CancelSynchronousIo
GetDefaultCommConfigA
VirtualAlloc
LoadRegTypeLib
GetErrorInfo
GetRecordInfoFromGuids
FindExecutableW
FindExecutableA
ExtractIconExA
GetComputerObjectNameW
DeleteSecurityContext
DecryptMessage
FreeCredentialsHandle
EnumWindowStationsA
IsWindowUnicode
GetClassInfoExW
GetCaretPos
GetKeyboardLayoutNameA
GetScrollRange
DefWindowProcW
GetKeyboardLayoutNameW
GetClassInfoExA
DestroyMenu
GetClipboardOwner
GetShellWindow
GetDialogBaseUnits
DrawStateW
GetPropA
LoadBitmapA
GetParent
FreeDDElParam
GetSystemMetrics
MessageBoxW
GetWindowLongA
LoadCursorW
GetDlgItemTextA
GetMessageExtraInfo
GetSystemMenu
ChildWindowFromPoint
GetClassLongA
LookupIconIdFromDirectoryEx
DestroyCaret
InsertMenuItemA
GetCursorPos
GetWindowRgn
GetClassInfoA
DestroyIcon
LoadMenuIndirectA
GetQueueStatus
DefMDIChildProcA
DefFrameProcA
GetWindowModuleFileNameW
GetDlgItem
DrawTextW
GetSubMenu
DeleteMenu
GetMenuContextHelpId
DrawFocusRect
FindWindowExA
GetKeyNameTextA
LoadImageW
SetPhysicalCursorPos
GetMenuItemCount
GetUpdateRgn
DestroyAcceleratorTable
GetMenuState
IsRectEmpty
GetCursor
GetFocus
FlashWindow
GetUpdateRect
GetWindowInfo
ModifyMenuA
DefDlgProcW
DestroyWindow
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoA
GetPrintProcessorDirectoryW
GetPrinterDriverDirectoryA
SCardConnectA
GetColorProfileHeader
srand
system
fsetpos
ungetc
ftell
vfwprintf
fprintf
vfprintf
fwprintf
ungetwc
strcoll
MkParseDisplayName
FaultInIEFeature
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
MALTESE DEFAULT 1
PE resources
Debug information
ExifTool file metadata
CodeSize 40960
UninitializedDataSize 114688
LinkerVersion 15.0
ImageVersion 0.0
FileVersionNumber 5.1.2600.2180
LanguageCode Unknown ()
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
InitializedDataSize 0
EntryPoint 0x9c60
MIMEType application/octet-stream
LegalCopyright Copyright Microsoft Corp.
FileVersion 5.1.2600.2180
TimeStamp 2002:07:14 15:00:48-07:00
FileType Win32 EXE
PEType PE32
InternalName CTL3D32
ProductVersion 2,31,0,0
SubsystemVersion 6.0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
LegalTrademarks Microsoft is a registered trademark of Microsoft Corporation. Windows is a registered trademark of Microsoft Corporation.
FileSubtype 0
ProductVersionNumber 5.1.2600.2180
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 3f602fb167e19b53996acc09339f2700
SHA1 a518be18add87ca2d55553664208fe8bef8ccc7f
SHA256 600761a22ad404d1a3ec024c23f515ad74f247bacf9f96d85d5634ccd4f3b267
ssdeep 3072:5bavbkD2n+VhN/+DR4v5IWP4e05jto+o4+jQ:jD2n+jXSQ49a4k
authentihash b9025c16cf977f4e88a30dc2dca644b92aa984e9bca209a6c61a94df2ae2f81d
imphash 8c6dfb0ed46c27deccd08ad5fbb38137
File size 156.0 KB ( 159744 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe

VirusTotal metadata
First submission 2018-12-31 17:00:51 UTC ( 1 month, 2 weeks ago )
Last submission 2019-01-04 04:29:03 UTC ( 1 month, 2 weeks ago )
File names 3f602fb167e19b53996acc09339f2700.virobj
jRX2DBXnPu07.exe