SHA256: 6eee8137b37127b63a71d5084074226f5f10e419f6b44f5038693d4bccedadcf
File name: 6eee8137b37127b63a71d5084074226f5f10e419f6b44f5038693d4bccedadcf
Detection ratio: 19 / 70
Analysis date: 2018-12-20 22:42:46 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Acronis malware 20180726
Avast Win32:MalwareX-gen [Trj] 20181220
AVG Win32:MalwareX-gen [Trj] 20181220
Bkav HW32.Packed. 20181220
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.d7bcc2 20180225
Cylance Unsafe 20181220
eGambit Unsafe.AI_Score_99% 20181220
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee Emotet-FJX!07CB3E3D7BCC 20181220
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181220
Microsoft Trojan:Win32/Fuerboos.A!cl 20181220
Qihoo-360 HEUR/QVM20.1.0031.Malware.Gen 20181220
Rising Malware.Heuristic!ET#97% (RDM+:cmRtazpe0TYqlAtKNpyEOAieVpZw) 20181220
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181220
Trapmine malicious.high.ml.score 20181205
Webroot W32.Trojan.Emotet 20181220
Ad-Aware 20181220
AegisLab 20181220
AhnLab-V3 20181220
Alibaba 20180921
ALYac 20181220
Antiy-AVL 20181220
Arcabit 20181220
Avast-Mobile 20181220
Avira (no cloud) 20181220
Babable 20180918
Baidu 20181207
BitDefender 20181220
CAT-QuickHeal 20181220
ClamAV 20181220
CMC 20181219
Comodo 20181220
Cyren 20181220
DrWeb 20181220
Emsisoft 20181220
ESET-NOD32 20181220
F-Prot 20181220
F-Secure 20181220
Fortinet 20181220
GData 20181220
Ikarus 20181220
Jiangmin 20181220
K7AntiVirus 20181220
K7GW 20181220
Kaspersky 20181220
Kingsoft 20181220
Malwarebytes 20181220
MAX 20181220
eScan 20181220
NANO-Antivirus 20181220
Palo Alto Networks (Known Signatures) 20181220
Panda 20181220
Sophos AV 20181220
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TACHYON 20181220
Tencent 20181220
TheHacker 20181220
TotalDefense 20181220
TrendMicro 20181220
TrendMicro-HouseCall 20181220
Trustlook 20181220
VBA32 20181220
ViRobot 20181220
Yandex 20181220
Zillya 20181219
ZoneAlarm by Check Point 20181220
Zoner 20181220
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft Corp. 1993-2001.

Internal name ASYCFILT.DLL
File version 5.1.2600.2180
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x000027A0
Number of sections 8
PE sections
PE imports
IsTokenRestricted
GetDCPenColor
GetPolyFillMode
GetFileTime
NormalizeString
LockFileEx
SetFilePointer
GetTapeStatus
SetEvent
GetConsoleProcessList
GetUserDefaultLCID
GetVersion
EmptyClipboard
GetLastActivePopup
GetSysColor
GetKeyboardType
RegisterRawInputDevices
SCardGetCardTypeProviderNameA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize
135168

UninitializedDataSize
0

LinkerVersion
12.0

ImageVersion
5.1

FileVersionNumber
5.1.2600.2180

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
0

EntryPoint
0x27a0

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft Corp. 1993-2001.

FileVersion
5.1.2600.2180

TimeStamp
2002:07:18 04:23:20+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
ASYCFILT.DLL

ProductVersion
5.1.2600.2180

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

LegalTrademarks
Microsoft is a registered trademark of Microsoft Corporation. Windows is a registered trademark of Microsoft Corporation.

FileSubtype
0

ProductVersionNumber
5.1.2600.2180

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Execution parents
File identification
MD5 07cb3e3d7bcc25e3681ce1536cc09775
SHA1 edd155025a9ae96c11b08e39137d608f1479886b
SHA256 6eee8137b37127b63a71d5084074226f5f10e419f6b44f5038693d4bccedadcf
ssdeep
3072:E54diQvC0+WSYh2u/u2ny4B6dCreSSeffF4cNOCT:E5wiQvCEh2u/3VcCrehMfF4cMW

authentihash 6980b8a4031546184e92e13449b60e6af1f602f559dfe5448845520602462b95
imphash fa68d84592f96cc8c11b663a93ddc8aa
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-20 22:42:46 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-20 23:00:41 UTC ( 1 month, 4 weeks ago )
File names 7OV_M9_whla.exe
A04_0FXp0u.exe
D_rhCziZoQm.exe
ME6s_PwMIVfP_ywcyznl.exe
y_hNP.exe
xCvRt_G3.exe
afC_HxMvtBp8_4WAgF.exe
Q_CrsW6_t.exe
ASYCFILT.DLL
X5yr.exe
711.exe
EA9za4i_7wKlG_Hnkn0a1w.exe