SHA256: 667d33ae21ef57c08c9cde2371802fe32d63e789e84db21c179bc91a35351582
File name: 8jQIC9V6MPj.exe
Detection ratio: 17 / 70
Analysis date: 2019-02-04 17:06:22 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
Acronis suspicious 20190130
AegisLab Trojan.Win32.Generic.ljax 20190204
Bkav HW32.Packed. 20190201
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cylance Unsafe 20190204
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/GenKryptik.CYKU 20190204
Sophos ML heuristic 20181128
McAfee Emotet-FID!6824BC4A70C6 20190204
Qihoo-360 HEUR/QVM19.1.01B3.Malware.Gen 20190204
Rising Trojan.Kryptik!8.8/N3#89% (RDM+:cmRtazoziyP4nGevH4GAoaxu2ev/) 20190204
SentinelOne (Static ML) static engine - malicious 20190203
Symantec ML.Attribute.HighConfidence 20190204
Trapmine malicious.high.ml.score 20190123
VBA32 BScope.Trojan.Refinka 20190204
VIPRE LooksLike.Win32.Dridex.e (v) 20190204
Webroot W32.Trojan.Gen 20190204
Ad-Aware 20190204
AhnLab-V3 20190204
Alibaba 20180921
ALYac 20190204
Antiy-AVL 20190204
Arcabit 20190204
Avast 20190204
Avast-Mobile 20190204
AVG 20190204
Avira (no cloud) 20190204
Babable 20180918
Baidu 20190202
BitDefender 20190204
CAT-QuickHeal 20190204
ClamAV 20190204
CMC 20190204
Comodo 20190204
Cybereason 20190109
Cyren 20190204
DrWeb 20190204
eGambit 20190204
Emsisoft 20190204
F-Prot 20190204
F-Secure 20190204
Fortinet 20190201
GData 20190204
Ikarus 20190204
Jiangmin 20190204
K7AntiVirus 20190204
K7GW 20190204
Kaspersky 20190204
Kingsoft 20190204
Malwarebytes 20190204
MAX 20190204
McAfee-GW-Edition 20190204
Microsoft 20190204
eScan 20190204
NANO-Antivirus 20190204
Palo Alto Networks (Known Signatures) 20190204
Panda 20190204
Sophos AV 20190204
SUPERAntiSpyware 20190130
TACHYON 20190204
Tencent 20190204
TheHacker 20190203
TrendMicro 20190204
TrendMicro-HouseCall 20190204
Trustlook 20190204
ViRobot 20190203
Yandex 20190204
Zillya 20190201
ZoneAlarm by Check Point 20190204
Zoner 20190204
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All r
Product Micro
File version 6.1.7600.
Description WER Diagnostic Contr
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2000-02-09 10:03:08
Entry Point 0x00003EB0
Number of sections 9
PE sections
PE imports
IsTokenRestricted
QueryUsersOnEncryptedFile
QueryThreadCycleTime
LocalSize
SetSystemFileCacheSize
GetTimeZoneInformation
GetCommandLineW
CreateSemaphoreW
GetSystemDefaultLCID
GetTickCount
GetThreadTimes
GetSystemTimes
LoadLibraryA
EndDeferWindowPos
IsCharAlphaW
IsWindow
GetMenuItemInfoA
SetWindowPlacement
GetMessageExtraInfo
GetClassWord
GetWindow
GetMenuBarInfo
Number of PE resources by type
RT_DIALOG 22
RT_STRING 11
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
SWEDISH 3
PORTUGUESE 3
GERMAN 3
SPANISH 3
FRENCH 3
PORTUGUESE BRAZILIAN 3
ENGLISH UK 3
DUTCH 3
SPANISH MEXICAN 3
ITALIAN 3
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 6.1
InitializedDataSize 159744
ImageVersion 0.0
ProductName Micro
FileVersionNumber 2.1.10.138
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 11.2
FileTypeExtension exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6.1.7600.
TimeStamp 2000:02:09 10:03:08+00:00
FileType Win32 EXE
PEType PE32
ProductVersion 4.00.97
FileDescription WER Diagnostic Contr
OSVersion 6.0
FileOS Win32
LegalCopyright Microsoft Corporation. All r
MachineType Intel 386 or later, and compatibles
CompanyName 3dfx Interactive, Inc.
CodeSize 0
FileSubtype 0
ProductVersionNumber 2.6.2.116
EntryPoint 0x3eb0
ObjectFileType Dynamic link library

File identification
MD5 6824bc4a70c697590831af2dab690da4
SHA1 371cdce7381c00a0c7194892d4f4b87f3386645e
SHA256 667d33ae21ef57c08c9cde2371802fe32d63e789e84db21c179bc91a35351582
ssdeep 3072:HxbIKsPZ0fDuBWG+4+tyxclqoHKrnOcjVLjIRFm5Rw4CWY86bIWLLNrme/1ZR:HxbI+QR+55qdicjVLmFmXI
authentihash c9fdc684c0105b89310102af54e8525a200f6f14bb65788ebcc19e53be1dce03
imphash a1ee7fcf4cfa56cf9f5a96c489d7e423
File size 168.0 KB ( 172032 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags peexe
VirusTotal metadata
First submission 2019-02-04 17:06:22 UTC ( 3 months, 2 weeks ago )
Last submission 2019-02-04 20:15:16 UTC ( 3 months, 2 weeks ago )
File names
Advanced heuristic and reputation engines