SHA256: 74369bdcb31c7124f666cfeadbb07b7299e72222173c6e3298d3d44e78e7f7ac
File name: lxIR6Pxhd.exe
Detection ratio: 43 / 70
Analysis date: 2019-01-12 08:58:35 UTC ( 1 month ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31519913 20190112
AhnLab-V3 Trojan/Win32.Emotet.R251461 20190112
Alibaba Trojan:Win32/EmotetedCryptc.4b020f28 20180921
ALYac Trojan.GenericKD.31519913 20190112
Arcabit Trojan.Generic.D1E0F4A9 20190112
Avast Win32:TrojanX-gen [Trj] 20190112
AVG Win32:TrojanX-gen [Trj] 20190112
Avira (no cloud) TR/AD.Emotet.kqtzw 20190112
BitDefender Trojan.GenericKD.31519913 20190112
Comodo Malware@#1vfy3minoc2mc 20190112
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cybereason malicious.4b84bc 20190109
Cylance Unsafe 20190113
eGambit Unsafe.AI_Score_99% 20190113
Emsisoft Trojan.GenericKD.31519913 (B) 20190112
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOND 20190112
F-Secure Trojan.GenericKD.40935305 20190111
Fortinet W32/Kryptik.GOKZ!tr 20190112
GData Trojan.GenericKD.31519913 20190112
Ikarus Trojan.Win32.Crypt 20190112
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20190112
K7GW Riskware ( 0040eff71 ) 20190112
Kaspersky Trojan-Banker.Win32.Emotet.bywa 20190112
Malwarebytes Trojan.Emotet 20190112
McAfee Emotet-FLN!1F280E63CC52 20190112
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190112
Microsoft Trojan:Win32/Emotet.AC!bit 20190112
eScan Trojan.GenericKD.31519913 20190112
Palo Alto Networks (Known Signatures) generic.ml 20190113
Panda Trj/GdSda.A 20190112
Qihoo-360 HEUR/QVM19.1.77D2.Malware.Gen 20190113
Rising Worm.Mail.Ardurk.f (C64:YzY0OmqofWHrzgHX) 20190112
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/Generic-S 20190112
Symantec Packed.Generic.517 20190112
Tencent Win32.Trojan-banker.Emotet.Dzki 20190113
Trapmine malicious.moderate.ml.score 20190103
TrendMicro TROJ_FRS.VSN0BA19 20190112
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMTHGC.hp 20190112
Webroot W32.Trojan.Emotet 20190113
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bywa 20190112
Acronis 20190111
AegisLab 20190112
Antiy-AVL 20190112
Avast-Mobile 20190112
Babable 20180918
Baidu 20190111
Bkav 20190108
CAT-QuickHeal 20190111
ClamAV 20190112
CMC 20190112
Cyren 20190112
DrWeb 20190112
F-Prot 20190112
Jiangmin 20190112
Kingsoft 20190113
MAX 20190113
NANO-Antivirus 20190112
SUPERAntiSpyware 20190109
TACHYON 20190112
TheHacker 20190106
TotalDefense 20190112
Trustlook 20190113
VBA32 20190111
ViRobot 20190112
Yandex 20190111
Zillya 20190111
Zoner 20190111
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsof

Product Ulead VerCheck
Original name VerCheck.exe
Internal name c_iscii
File version 6.1.7601.
Description VerCheck
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-11 12:00:47
Entry Point 0x00002834
Number of sections 5
PE sections
PE imports
IsValidAcl
GetSidIdentifierAuthority
GetWindowsAccountDomainSid
LookupPrivilegeDisplayNameA
GetServiceKeyNameA
FindTextW
GetFileTitleW
GetLogColorSpaceA
LineTo
FrameRgn
GetTextFaceW
GetCharWidthW
GetTextCharset
GetBitmapBits
DefineDosDeviceW
FlushConsoleInputBuffer
GetConsoleOutputCP
GetConsoleFontSize
lstrlenA
GetConsoleCP
ExitProcess
GetCurrentProcess
GetConsoleMode
GetSystemDefaultLCID
FreeEnvironmentStringsW
VerifyScripts
FillConsoleOutputAttribute
GetCurrentThread
lstrcpynW
GetTimeFormatW
GetTempPathA
GetFileSizeEx
ExpandEnvironmentStringsW
GetSystemDefaultUILanguage
FreeConsole
GetFileInformationByHandle
GetCommConfig
GetModuleHandleW
LocalFree
GetEnvironmentVariableA
GetConsoleWindow
GetCurrentConsoleFont
GetLongPathNameA
GetErrorInfo
ExtractAssociatedIconA
ExtractIconW
FindExecutableA
ExtractAssociatedIconW
GetMenuItemCount
LookupIconIdFromDirectory
LoadMenuA
GetUserObjectInformationA
DefWindowProcW
DefFrameProcA
CreateIconFromResource
LockWindowUpdate
GetMenuStringA
DefMDIChildProcA
LoadKeyboardLayoutA
GetProcessWindowStation
GetClassLongA
GetKeyState
GetPrinterDriverW
GetPrinterW
strtod
mbtowc
fputws
strtoul
GetConvertStg
FaultInIEFeature
Number of PE resources by type
RT_BITMAP 2
RT_VERSION 1
Number of PE resources by language
ENGLISH US 3
PE resources
Debug information
ExifTool file metadata
SubsystemVersion 4.0
InitializedDataSize 147456
ImageVersion 0.0
ProductName Ulead VerCheck
FileVersionNumber 1.0.0.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
LinkerVersion 12.0
FileTypeExtension exe
OriginalFileName VerCheck.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6.1.7601.
TimeStamp 2019:01:11 13:00:47+01:00
FileType Win32 EXE
PEType PE32
InternalName c_iscii
ProductVersion 1, 0, 0, 1
FileDescription VerCheck
OSVersion 5.1
FileOS Win32
LegalCopyright Microsof
MachineType Intel 386 or later, and compatibles
CompanyName Ulead
CodeSize 16384
FileSubtype 0
ProductVersionNumber 1.0.0.1
EntryPoint 0x2834
ObjectFileType Dynamic link library

File identification
MD5 1f280e63cc52f4aafc6066c113b0960f
SHA1 d5b28274b84bc4c831b8b89d7a074efb199771e3
SHA256 74369bdcb31c7124f666cfeadbb07b7299e72222173c6e3298d3d44e78e7f7ac
ssdeep 3072:uUQPRM8TTALMiTBRLMR6Gxhwj3oCVwiFdG96/ursAZ:PQPRM8Qf9j3bVfFOP
authentihash 4bfe18396ab81193c0f07cbe9ec6dd816f2a5b81fdb9872d26435beab0c3e599
imphash 6ad0a36179c1a3e24d8217f5870ed642
File size 160.0 KB ( 163840 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2019-01-11 04:02:20 UTC ( 1 month, 1 week ago )
Last submission 2019-01-11 05:16:18 UTC ( 1 month, 1 week ago )
File names c_iscii
lxIR6Pxhd.exe
VerCheck.exe
Advanced heuristic and reputation engines