× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 655f13e30f51f933b54225fae5a5b8b9a135325fe8c75e0759b95fe38f08e13b
File name: 655f13e30f51f933b54225fae5a5b8b9a135325fe8c75e0759b95fe38f08e13b
Detection ratio: 17 / 66
Analysis date: 2018-05-22 18:20:13 UTC ( 9 months ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180522
AVG FileRepMalware 20180522
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9998 20180522
Comodo TrojWare.Win32.Dovs.MO 20180522
Cylance Unsafe 20180522
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Kryptik.FXXG 20180522
Fortinet W32/Kryptik.GFJD!tr 20180522
Sophos ML heuristic 20180503
Malwarebytes Trojan.Emotet 20180522
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180522
Microsoft Trojan:Win32/Cloxer.D!cl 20180522
Palo Alto Networks (Known Signatures) generic.ml 20180522
Qihoo-360 HEUR/QVM20.1.5641.Malware.Gen 20180522
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANX 20180522
Symantec ML.Attribute.HighConfidence 20180522
Ad-Aware 20180522
AegisLab 20180522
AhnLab-V3 20180522
Alibaba 20180522
ALYac 20180522
Antiy-AVL 20180522
Arcabit 20180522
Avast-Mobile 20180522
Avira (no cloud) 20180522
AVware 20180522
Babable 20180406
BitDefender 20180522
Bkav 20180522
CAT-QuickHeal 20180522
ClamAV 20180521
CMC 20180522
CrowdStrike Falcon (ML) 20180202
Cybereason None
Cyren 20180522
DrWeb 20180522
eGambit 20180522
Emsisoft 20180522
F-Prot 20180522
F-Secure 20180522
GData 20180522
Ikarus 20180522
Jiangmin 20180522
K7AntiVirus 20180522
K7GW 20180522
Kaspersky 20180522
Kingsoft 20180522
MAX 20180522
McAfee 20180522
eScan 20180522
NANO-Antivirus 20180522
nProtect 20180522
Panda 20180522
Rising 20180522
SUPERAntiSpyware 20180522
Symantec Mobile Insight 20180522
Tencent 20180522
TheHacker 20180516
TotalDefense 20180522
TrendMicro 20180522
TrendMicro-HouseCall 20180522
Trustlook 20180522
VBA32 20180522
VIPRE 20180522
ViRobot 20180522
Webroot 20180522
Yandex 20180522
Zillya 20180522
ZoneAlarm by Check Point 20180522
Zoner 20180522
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserved.

Product Microsoft® Windows® Operating System
Original name Wwapi.dll
Internal name Wwapi.dll
File version 08.01.02.00 (win7_rtm.090713-1255)
Description WWAN API
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-23 01:02:21
Entry Point 0x00002260
Number of sections 7
PE sections
PE imports
CryptEncrypt
PropertySheetW
ImageList_AddMasked
CryptAcquireCertificatePrivateKey
JetIndexRecordCount
GetArcDirection
OffsetViewportOrgEx
GetCurrentProcess
DnsHostnameToComputerNameW
lstrlenA
GetSystemDefaultUILanguage
GetConsoleCursorInfo
GetProfileSectionW
GetExitCodeProcess
ExitProcess
GetHandleInformation
HeapReAlloc
FlsFree
LZSeek
SafeArrayDestroyData
RpcBindingSetAuthInfoExA
I_RpcNsBindingSetEntryNameW
SetupDiGetINFClassW
PathCreateFromUrlW
StrCmpIW
DlgDirListW
SetMenuItemInfoW
GetWindowRect
GetInputState
IsDlgButtonChecked
GetSysColorBrush
GetDesktopWindow
ChangeDisplaySettingsExW
GetFocus
IsIconic
DragDetect
SetCursor
midiOutGetVolume
DocumentPropertiesA
CryptCATStoreFromHandle
SCardListReaderGroupsW
Ord(29)
CoQueryProxyBlanket
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
163840

ImageVersion
0.0

ProductName
Microsoft Windows Operating System

FileVersionNumber
8.1.2.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
WWAN API

CharacterSet
Unicode

LinkerVersion
12.59

FileTypeExtension
exe

OriginalFileName
Wwapi.dll

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
08.01.02.00 (win7_rtm.090713-1255)

TimeStamp
2018:05:23 02:02:21+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Wwapi.dll

ProductVersion
08.01.02.00

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Windows NT 32-bit

LegalCopyright
Microsoft Corporation. All rights reserved.

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

CodeSize
16384

FileSubtype
0

ProductVersionNumber
8.1.2.0

EntryPoint
0x2260

ObjectFileType
Dynamic link library

File identification
MD5 887cbb83c9ca5e0cf032751e161916fa
SHA1 9439006e8a319b0cf3492485ef8662a8ff5d7770
SHA256 655f13e30f51f933b54225fae5a5b8b9a135325fe8c75e0759b95fe38f08e13b
ssdeep
3072:ZcBUzX2+F3jUFnJZFOQkl4nzVnxsjHqxzty8tU5dTIeuNgLBqt2sfryKXEOs0bam:SVJjLRpzJN/kCWr5eIAfWu

authentihash 2d36a73b717f777d5b0ffd0301bb2400b440dbfca51411d24cfe0d9ab30beb94
imphash c12f2f6c3dcce2fbfa6220dcdb1d925d
File size 180.0 KB ( 184320 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-05-22 18:20:13 UTC ( 9 months ago )
Last submission 2018-05-22 18:20:13 UTC ( 9 months ago )
File names Wwapi.dll
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!