SHA256: 62ab290f0bb62b68d97bd63044f9aee81435a7a8ee243b7c74429194f1b61284
File name: output.114768410.txt
Detection ratio: 50 / 69
Analysis date: 2018-12-26 05:25:06 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis malware 20181224
Ad-Aware Trojan.GenericKD.40851823 20181226
AhnLab-V3 Malware/Win32.Generic.C2901426 20181226
ALYac Trojan.Agent.Emotet 20181226
Antiy-AVL Trojan[Banker]/Win32.Emotet 20181225
Arcabit Trojan.Generic.D26F596F 20181226
Avast Win32:MalwareX-gen [Trj] 20181226
AVG Win32:MalwareX-gen [Trj] 20181226
BitDefender Trojan.GenericKD.40851823 20181226
Bkav HW32.Packed. 20181224
CAT-QuickHeal Trojan.Emotet 20181225
ClamAV Win.Trojan.Agent-6791167-0 20181226
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.de1a8d 20180225
Cylance Unsafe 20181226
Cyren W32/Emotet.LE.gen!Eldorado 20181226
DrWeb Trojan.EmotetENT.332 20181226
eGambit Unsafe.AI_Score_99% 20181226
Emsisoft Trojan.GenericKD.40851823 (B) 20181226
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOAF 20181226
F-Prot W32/Emotet.LE.gen!Eldorado 20181226
F-Secure Trojan.GenericKD.40851823 20181226
Fortinet W32/Kryptik.GNZI!tr 20181226
GData Trojan.GenericKD.40851823 20181226
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20181225
K7GW Riskware ( 0040eff71 ) 20181225
Kaspersky Trojan-Banker.Win32.Emotet.bwde 20181226
Malwarebytes Trojan.Emotet 20181225
MAX malware (ai score=100) 20181226
McAfee Emotet-FJX!40F1FDADE1A8 20181226
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181225
Microsoft Trojan:Win32/Emotet.CT 20181225
eScan Trojan.GenericKD.40851823 20181226
NANO-Antivirus Trojan.Win32.Emotet.flifpm 20181226
Palo Alto Networks (Known Signatures) generic.ml 20181226
Panda Trj/Genetic.gen 20181225
Qihoo-360 Win32/Trojan.fbd 20181226
Rising Trojan.Kryptik!8.8 (CLOUD) 20181226
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/Generic-S 20181226
Symantec Trojan.Emotet 20181225
TACHYON Banker/W32.Emotet.122880.BG 20181226
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.USLK18 20181226
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMGB2.hp 20181226
VBA32 BScope.Trojan.Dynamer 20181222
Webroot W32.Trojan.Gen 20181226
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bwde 20181226
AegisLab 20181226
Alibaba 20180921
Avast-Mobile 20181225
Avira (no cloud) 20181226
Babable 20180918
Baidu 20181207
CMC 20181225
Comodo 20181226
Jiangmin 20181226
Kingsoft 20181226
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181225
Tencent 20181226
TheHacker 20181225
TotalDefense 20181223
Trustlook 20181226
ViRobot 20181225
Yandex 20181223
Zillya 20181225
Zoner 20181225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © Microsoft Corp. 1993-2001.
Internal name ASYCFILT.DLL
File version 5.1.2600.2180
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x000028E0
Number of sections 8
PE sections
PE imports
IsTokenRestricted
GetDCPenColor
GetPolyFillMode
GetFileTime
NormalizeString
LockFileEx
SetFilePointer
GetTapeStatus
SetEvent
GetConsoleProcessList
GetUserDefaultLCID
GetVersion
EmptyClipboard
GetLastActivePopup
GetSysColor
GetKeyboardType
RegisterRawInputDevices
SCardGetCardTypeProviderNameA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 135168
UninitializedDataSize 0
LinkerVersion 2.0
ImageVersion 5.1
FileVersionNumber 5.1.2600.2180
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 0
EntryPoint 0x28e0
MIMEType application/octet-stream
LegalCopyright Copyright Microsoft Corp. 1993-2001.
FileVersion 5.1.2600.2180
TimeStamp 2002:07:18 03:23:20+01:00
FileType Win32 EXE
PEType PE32
InternalName ASYCFILT.DLL
ProductVersion 5.1.2600.2180
SubsystemVersion 6.0
OSVersion 6.0
FileOS Windows NT 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
LegalTrademarks Microsoft is a registered trademark of Microsoft Corporation. Windows is a registered trademark of Microsoft Corporation.
FileSubtype 0
ProductVersionNumber 5.1.2600.2180
FileTypeExtension exe
ObjectFileType Dynamic link library
Execution parents
File identification
MD5 40f1fdade1a8d52eaa3670114930a20e
SHA1 271095a74cc9aaca46622e673387c673ff598939
SHA256 62ab290f0bb62b68d97bd63044f9aee81435a7a8ee243b7c74429194f1b61284
ssdeep 3072:L60/vB6suIYiYjifVV2xFP9bxhgv3YFQ3YvhTu:Lf8ntinYJ9bxhgv3UVu
authentihash 9cc5ad110c43897c0b0907f3a28c2ebdc7ad6586e9008574c037717c8d4b2f4a
imphash bac04a2fd1e17f7ed3c0e34a2424a003
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-12-20 16:13:18 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-26 05:25:06 UTC ( 1 month, 3 weeks ago )
File names output.114768410.txt
output.114750309.txt
ASYCFILT.DLL
l_SccNR1ymK_qwP8Bdn.exe
773.exe