SHA256: 74949570d849338b3476ab699af78d89a5afa94c4529596cc0f68e4675a53c37
File name: updatewin.exe
Detection ratio: 32 / 70
Analysis date: 2019-01-10 17:39:10 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40841043 20190110
ALYac Trojan.GenericKD.40841043 20190110
Arcabit Trojan.Generic.D26F2F53 20190110
Avast Win32:Malware-gen 20190110
AVG Win32:Malware-gen 20190110
Avira (no cloud) TR/RedCap.nopwo 20190110
BitDefender Trojan.GenericKD.40841043 20190110
CAT-QuickHeal Trojan.Fuerboos 20190110
Comodo Malware@#32b1m0p8vmv0a 20190110
Cybereason malicious.b6a088 20190109
Cylance Unsafe 20190110
Cyren W32/Trojan.RIMO-3631 20190110
DrWeb Trojan.Faker.12 20190110
Emsisoft Trojan.GenericKD.40841043 (B) 20190110
F-Secure Trojan.GenericKD.40841043 20190110
Fortinet W32/GenericR.OET!tr 20190110
GData Trojan.GenericKD.40841043 20190110
K7AntiVirus Riskware ( 0040eff71 ) 20190110
K7GW Riskware ( 0040eff71 ) 20190110
McAfee GenericR-OET!44FBFADB6A08 20190110
McAfee-GW-Edition GenericR-OET!44FBFADB6A08 20190110
eScan Trojan.GenericKD.40841043 20190110
Panda Trj/GdSda.A 20190109
Qihoo-360 Win32/Trojan.7f8 20190110
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20190110
Symantec Trojan.Gen.2 20190110
TrendMicro TROJ_GEN.R002C0PLP18 20190110
TrendMicro-HouseCall TROJ_GEN.R002C0PLP18 20190110
VBA32 BScope.Trojan.Skeeyah 20190110
VIPRE Trojan.Win32.Generic!BT 20190110
Webroot W32.Trojan.Genkd 20190110
Zillya Trojan.GenericKD.Win32.237740 20190109
Acronis 20190110
AegisLab 20190110
AhnLab-V3 20190110
Alibaba 20180921
Antiy-AVL 20190110
Avast-Mobile 20190110
Babable 20180918
Baidu 20190110
Bkav 20190108
ClamAV 20190110
CMC 20190110
CrowdStrike Falcon (ML) 20181023
eGambit 20190110
Endgame 20181108
ESET-NOD32 20190110
F-Prot 20190110
Ikarus 20190110
Sophos ML 20181128
Jiangmin 20190110
Kaspersky 20190110
Kingsoft 20190110
MAX 20190110
Microsoft 20190110
NANO-Antivirus 20190110
Palo Alto Networks (Known Signatures) 20190110
SentinelOne (Static ML) 20181223
Sophos AV 20190110
SUPERAntiSpyware 20190109
TACHYON 20190110
Tencent 20190110
TheHacker 20190106
TotalDefense 20190110
Trapmine 20190103
Trustlook 20190110
ViRobot 20190110
Yandex 20190110
ZoneAlarm by Check Point 20190110
Zoner 20190110
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-07 15:49:36
Entry Point 0x00001A9B
Number of sections 5
PE sections
PE imports
InitCommonControlsEx
TextOutW
SetBkMode
CreateSolidBrush
SelectObject
SetTextAlign
DeleteObject
CreateFontW
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetSystemTimeAsFileTime
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
ExitProcess
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
RtlUnwind
lstrlenW
FindFirstFileExW
GetStdHandle
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
DecodePointer
GetCurrentProcessId
GetCommandLineW
CreateThread
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
HeapSize
SetFilePointerEx
FreeEnvironmentStringsW
GetCommandLineA
GetProcAddress
InitializeSListHead
GetProcessHeap
SetStdHandle
RaiseException
GetCPInfo
TlsFree
FindNextFileW
SetUnhandledExceptionFilter
WriteFile
CloseHandle
IsProcessorFeaturePresent
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
FreeLibrary
TerminateProcess
WideCharToMultiByte
GetModuleHandleExW
IsValidCodePage
SetLastError
CreateFileW
FindClose
TlsGetValue
Sleep
GetFileType
TlsSetValue
HeapAlloc
GetCurrentThreadId
WriteConsoleW
LeaveCriticalSection
GetMonitorInfoW
UpdateWindow
BeginPaint
GetMessageW
DefWindowProcW
MoveWindow
PostQuitMessage
ShowWindow
SetWindowPos
RegisterClassExW
DrawIcon
DialogBoxParamW
TranslateMessage
DispatchMessageW
CreateDialogParamW
SendMessageW
wsprintfW
LoadStringW
GetClientRect
GetDlgItem
MonitorFromWindow
InvalidateRect
FillRect
GetDesktopWindow
LoadCursorW
LoadIconW
CreateWindowExW
LoadAcceleratorsW
EndPaint
TranslateAcceleratorW
DestroyWindow
timeGetTime
Number of PE resources by type
RT_ICON 18
RT_DIALOG 2
RT_GROUP_ICON 2
RT_MANIFEST 1
RT_STRING 1
RT_MENU 1
RT_ACCELERATOR 1
Number of PE resources by language
RUSSIAN 25
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:11:07 07:49:36-08:00
FileType Win32 EXE
PEType PE32
CodeSize 46080
LinkerVersion 14.15
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x1a9b
InitializedDataSize 87552
SubsystemVersion 6.0
ImageVersion 0.0
OSVersion 6.0
UninitializedDataSize 0

File identification
MD5 44fbfadb6a088da850f521dd8b783344
SHA1 53aa3bd4b371c4be243a70a15350650b0c97e0df
SHA256 74949570d849338b3476ab699af78d89a5afa94c4529596cc0f68e4675a53c37
ssdeep 3072:R5gPfJ0y76KyOoUjLFfiDo6bKV8aW2DW26JF:R5gPDmpgUS8axDx6F
authentihash e89eb359783dafb9954ac1b5c5955eacd91163c095c8b277d9602dbdb5603310
imphash c514b0944baa377cd68083b912c093ee
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags peexe
VirusTotal metadata
First submission 2018-12-18 22:25:13 UTC ( 2 months ago )
Last submission 2019-01-02 00:28:59 UTC ( 1 month, 2 weeks ago )
File names updatewin.exe
44fbfadb6a088da850f521dd8b783344.virus