× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 634c933493f0d325226f4ac4b7d64592d632b48d2cf4e97d941af824edd17fe1
File name: vXjSG.exe
Detection ratio: 12 / 68
Analysis date: 2019-02-11 15:06:41 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Acronis suspicious 20190208
AVG FileRepMalware 20190211
CAT-QuickHeal Trojan.Emotet.X4 20190210
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Endgame malicious (high confidence) 20181108
Microsoft Trojan:Win32/Fuerboos.C!cl 20190211
Qihoo-360 HEUR/QVM20.1.2893.Malware.Gen 20190211
Rising Trojan.GenKryptik!8.AA55/N3#97% (RDM+:cmRtazoOoCTp9BKWjTEY3Ff91T4V) 20190211
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Mal/EncPk-AOI 20190211
Symantec ML.Attribute.HighConfidence 20190211
Trapmine malicious.high.ml.score 20190123
Ad-Aware 20190211
AegisLab 20190211
AhnLab-V3 20190211
Alibaba 20180921
ALYac 20190211
Antiy-AVL 20190211
Arcabit 20190211
Avast 20190211
Avast-Mobile 20190211
Avira (no cloud) 20190211
Babable 20180918
Baidu 20190202
BitDefender 20190211
ClamAV 20190211
CMC 20190211
Comodo 20190211
Cybereason 20190109
Cyren 20190211
DrWeb 20190211
eGambit 20190211
Emsisoft 20190211
ESET-NOD32 20190211
F-Prot 20190211
F-Secure 20190211
Fortinet 20190211
GData 20190211
Ikarus 20190211
Sophos ML 20181128
Jiangmin 20190211
K7AntiVirus 20190211
K7GW 20190211
Kaspersky 20190211
Kingsoft 20190211
Malwarebytes 20190211
MAX 20190211
McAfee 20190211
McAfee-GW-Edition 20190211
eScan 20190211
NANO-Antivirus 20190211
Palo Alto Networks (Known Signatures) 20190211
Panda 20190211
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190211
Tencent 20190211
TheHacker 20190203
TotalDefense 20190210
TrendMicro 20190211
TrendMicro-HouseCall 20190211
Trustlook 20190211
VBA32 20190211
ViRobot 20190211
Webroot 20190211
Yandex 20190210
Zillya 20190211
ZoneAlarm by Check Point 20190211
Zoner 20190211
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All righ

Product Microsoft® Windows® Operating Syst
Internal name kbdukx (3.
File version 6.1.7600.16385
Description United Kingdom Extended Keybo
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-02-11 15:01:14
Entry Point 0x000117EB
Number of sections 5
PE sections
PE imports
GetSidSubAuthorityCount
GetCalendarInfoEx
GetLargestConsoleWindowSize
IsSystemResumeAutomatic
GetModuleHandleW
Wow64SetThreadContext
VarCyMulI8
StrChrNW
InitializeSecurityContextW
DdeDisconnectList
TrackPopupMenu
GetCursorInfo
InternetAutodial
towupper
memset
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize
72192

SubsystemVersion
5.0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2001.12.4414.258

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
United Kingdom Extended Keybo

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
397824

EntryPoint
0x117eb

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All righ

FileVersion
6.1.7600.16385

TimeStamp
2019:02:11 16:01:14+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
kbdukx (3.

ProductVersion
6.1.7600.163

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporatio

LegalTrademarks
Microsoft(R) is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation

ProductName
Microsoft Windows Operating Syst

ProductVersionNumber
3.1.0.4414

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 b8dc28062e07016aefa5205b7e1aed71
SHA1 074cf5eaf068015745f884bc251fb2b8c763fcbe
SHA256 634c933493f0d325226f4ac4b7d64592d632b48d2cf4e97d941af824edd17fe1
ssdeep
3072:vx4j81SDsGr+7NxsBN9WUnIbIXMJreRTWIEWYtQsTj8QxncV4qOu6Er6wDocP:+nIbIZRCI8txxncVDO/Er6ws

authentihash 78b7c81ae56dd8f77e25eab8023f3e4b03eea1721f2f07f38a298e37b8717001
imphash b1b43bf25c12c3e2467e98233f95c71e
File size 452.0 KB ( 462848 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2019-02-11 15:06:41 UTC ( 1 month, 1 week ago )
Last submission 2019-02-11 15:06:41 UTC ( 1 month, 1 week ago )
File names YzLPboOlw_qBf0.exe
2e8izc6WvXR7.exe
fxtEIIl55f_8o.exe
vXjSG.exe
b8EE7DyPsKnn.exe
XhHXA2KP5dYh2f_vMBiNB.exe
yB3NGT9rwxFPV_JpK.exe
GUvkJblu3n7dHOI_iDGmoe.exe
WIeEN_8AI089q4G.exe
ua1mUnf.exe
kQoNu8PtreTJ_Am5l.exe
kbdukx (3.
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!