SHA256: 6a80379ecf316d9589c4a947deb4f4603dbb5960f9c56590d761081f44464064
File name: hTe2GEVu4VxcMgxrPc.exe
Detection ratio: 47 / 70
Analysis date: 2018-11-26 15:49:19 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31364672 20181126
AegisLab Trojan.Win32.Generic.ljcV 20181126
AhnLab-V3 Trojan/Win32.Emotet.R245745 20181126
ALYac Trojan.Agent.Emotet 20181126
Arcabit Trojan.Generic.D1DE9640 20181126
Avast Win32:Malware-gen 20181126
AVG Win32:Malware-gen 20181126
BitDefender Trojan.GenericKD.31364672 20181126
CAT-QuickHeal Trojan.Emotet 20181126
Comodo Malware@#2qv7uu6v4r1bi 20181126
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.632d5a 20180225
Cylance Unsafe 20181126
Cyren W32/Trojan.CXKQ-0401 20181126
DrWeb Trojan.EmotetENT.303 20181126
Emsisoft Trojan.Emotet (A) 20181126
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNAS 20181126
F-Prot W32/Emotet.JL.gen!Eldorado 20181126
F-Secure Trojan.GenericKD.31364672 20181126
Fortinet W32/Kryptik.GMOJ!tr 20181126
GData Trojan.GenericKD.31364672 20181126
Ikarus Trojan-Banker.Emotet 20181126
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053b6a31 ) 20181126
K7GW Trojan ( 0053b6a31 ) 20181126
Kaspersky Trojan-Banker.Win32.Emotet.brfk 20181126
Malwarebytes Trojan.Emotet 20181126
MAX malware (ai score=84) 20181126
McAfee Emotet-FJR!D3EEC12632D5 20181126
McAfee-GW-Edition BehavesLike.Win32.Suspiciousatg.ch 20181126
Microsoft Trojan:Win32/Emotet.AC!bit 20181126
eScan Trojan.GenericKD.31364672 20181126
NANO-Antivirus Trojan.Win32.Emotet.fkoqqi 20181126
Palo Alto Networks (Known Signatures) generic.ml 20181126
Panda Trj/RnkBend.A 20181125
Qihoo-360 HEUR/QVM20.1.5CD1.Malware.Gen 20181126
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20181126
Sophos AV Mal/EncPk-ANY 20181126
Symantec Trojan.Emotet 20181126
Tencent Win32.Trojan-banker.Emotet.Wsty 20181126
Trapmine malicious.high.ml.score 20181126
TrendMicro TSPY_EMOTET.THAABCAH 20181126
TrendMicro-HouseCall TSPY_EMOTET.THAABCAH 20181126
VBA32 BScope.TrojanBanker.Emotet 20181126
Webroot W32.Trojan.Emotet 20181126
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.brfk 20181126
Alibaba 20180921
Antiy-AVL 20181126
Avast-Mobile 20181126
Avira (no cloud) 20181126
Babable 20180918
Baidu 20181126
Bkav 20181126
ClamAV 20181126
CMC 20181126
eGambit 20181126
Jiangmin 20181126
Kingsoft 20181126
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
TACHYON 20181126
TheHacker 20181126
TotalDefense 20181126
Trustlook 20181126
VIPRE 20181123
ViRobot 20181126
Yandex 20181123
Zillya 20181123
Zoner 20181126
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft

Product Sola Plug-in
Original name c_gb18030.
Internal name Loft Plug-in
File version 1, 5, 2, 50
Description Lynx 64 OPPD
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1994-12-21 05:03:18
Entry Point 0x000016D1
Number of sections 8
PE sections
PE imports
ImpersonateAnonymousToken
RegDisableReflectionKey
RegOverridePredefKey
ResizePalette
GetTextCharsetInfo
SelectClipRgn
OffsetRgn
PtVisible
GetProcessIoCounters
GetThreadPriority
GetSystemInfo
AllocConsole
GetSystemDefaultLCID
TerminateJobObject
IsProcessorFeaturePresent
GetConsoleProcessList
GetCommandLineA
SetConsoleOutputCP
AllocateUserPhysicalPagesNuma
RpcBindingInqAuthInfoExW
SHFormatDrive
MapDialogRect
GetLastInputInfo
AddClipboardFormatListener
EnableWindow
ChildWindowFromPoint
GetComboBoxInfo
TranslateMessage
GetSysColor
SetWindowPos
iswalpha
MkParseDisplayName
CoFreeLibrary
CoRevokeMallocSpy
Number of PE resources by type
RT_DIALOG 19
RT_STRING 10
RT_VERSION 1
Number of PE resources by language
ITALIAN NEUTRAL 3
SWEDISH NEUTRAL 3
CHINESE TRADITIONAL 3
SPANISH NEUTRAL 3
GERMAN NEUTRAL 3
CHINESE SIMPLIFIED 3
JAPANESE DEFAULT 3
FRENCH NEUTRAL 3
ENGLISH US 3
KOREAN 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.4.2.50

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Lynx 64 OPPD

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
14.0

EntryPoint
0x16d1

OriginalFileName
c_gb18030.

MIMEType
application/x-java-applet;version=1.3.1|application/x-java-bean;version=1.3.1|application/x-java-applet;version=1.4|application/x-java-bean;version=1.4|application/x-java-applet;version=1.4.1|application/x-java-bean;version=1.4.1

LegalCopyright
Microsoft

FileExtents
|||||

FileOpenName
Lync Applet|JavaBeans|Lynx Applet|LunxMings|Ming Applet|SolaBeans

FileVersion
1, 5, 2, 50

TimeStamp
1994:12:21 06:03:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Loft Plug-in

ProductVersion
3, 4, 2, 50

SubsystemVersion
5.0

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
LyncSoft / Sun Microsystems, Inc.

CodeSize
12288

ProductName
Sola Plug-in

ProductVersionNumber
1.4.2.50

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 d3eec12632d5aeefc02caec95c6f86f9
SHA1 c53af2204b1d4bcc258f08fca0eb59febe2ccaaa
SHA256 6a80379ecf316d9589c4a947deb4f4603dbb5960f9c56590d761081f44464064
ssdeep
3072:m0DahnaXNNUkuBSfHNQzRXzz13GI39tzxcU4We:iG1ltAjz1WstzxcU4

authentihash e48af697e7a990e2998df91fd24464d99ea2c5e720bcc89d06ef56afd5ace1a0
imphash 4a2e5fce0c7dab140aa74d4bba610165
File size 176.0 KB ( 180224 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-21 22:30:19 UTC ( 3 months ago )
Last submission 2018-11-21 23:02:55 UTC ( 3 months ago )
File names Loft Plug-in
gVHyps5P78m3uz1RZ2N.exe
c_gb18030.
hTe2GEVu4VxcMgxrPc.exe