SHA256: 751748db79c583ed45ebaaa9f038a0e2426481918f7a80b361934d21e7b7b48a
File name: 393441551cdc19ebf6bad9a3d45e73b3
Detection ratio: 45 / 71
Analysis date: 2019-01-06 13:03:14 UTC ( 1 month, 1 week ago )
Antivirus Result Update
Acronis suspicious 20181227
Ad-Aware Trojan.Autoruns.GenericKDS.31449798 20190106
AhnLab-V3 Trojan/Win32.Emotet.R250195 20190106
ALYac Trojan.Autoruns.GenericKDS.31449798 20190106
Arcabit Trojan.Autoruns.GenericS.D1DFE2C6 20190106
Avast Win32:Malware-gen 20190106
AVG Win32:Malware-gen 20190106
BitDefender Trojan.Autoruns.GenericKDS.31449798 20190106
Comodo Malware@#4q25gtu3mu33 20190106
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cylance Unsafe 20190106
Cyren W32/Emotet.LO.gen!Eldorado 20190106
eGambit Unsafe.AI_Score_68% 20190106
Emsisoft Trojan.Autoruns.GenericKDS.31449798 (B) 20190106
Endgame malicious (moderate confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOCT 20190106
F-Prot W32/Emotet.LO.gen!Eldorado 20190106
F-Secure Trojan.Autoruns.GenericKDS.31449798 20190106
Fortinet W32/Kryptik.GOIA!tr 20190106
GData Trojan.Autoruns.GenericKDS.31449798 20190106
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 0054486d1 ) 20190106
K7GW Trojan ( 0054486d1 ) 20190106
Kaspersky Trojan-Banker.Win32.Emotet.bwtv 20190106
Malwarebytes Trojan.Emotet 20190106
MAX malware (ai score=87) 20190106
McAfee Emotet-FID!393441551CDC 20190106
McAfee-GW-Edition Emotet-FID!393441551CDC 20190106
Microsoft Trojan:Win32/Emotet.AC!bit 20190106
eScan Trojan.Autoruns.GenericKDS.31449798 20190106
Palo Alto Networks (Known Signatures) generic.ml 20190106
Panda Trj/Genetic.gen 20190106
Qihoo-360 Win32/Trojan.97a 20190106
Rising Trojan.Emotet!8.B95 (TFE:dGZlOgH9KTe7Fztb2w) 20190106
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ANY 20190106
Symantec Packed.Generic.517 20190105
Tencent Win32.Trojan-banker.Emotet.Ljke 20190106
Trapmine malicious.high.ml.score 20190103
TrendMicro TrojanSpy.Win32.EMOTET.SMTHGB1.hp 20190106
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMTHGB1.hp 20190106
VBA32 BScope.Trojan.Emotet 20190104
VIPRE Trojan.Win32.Generic!BT 20190106
Webroot W32.Trojan.Emotet 20190106
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bwtv 20190106
AegisLab 20190106
Alibaba 20180921
Antiy-AVL 20190106
Avast-Mobile 20190106
Avira (no cloud) 20190106
Babable 20180918
Baidu 20190104
Bkav 20190104
CAT-QuickHeal 20190105
ClamAV 20190106
CMC 20190105
Cybereason 20180225
DrWeb 20190106
Ikarus 20190105
Jiangmin 20190106
Kingsoft 20190106
NANO-Antivirus 20190106
SUPERAntiSpyware 20190102
TACHYON 20190106
TheHacker 20190104
TotalDefense 20190106
Trustlook 20190106
ViRobot 20190106
Yandex 20181229
Zillya 20190105
Zoner 20190106
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright License: MPL 1.1/GPL 2.0/LGPL 2.1
Product Mozilla
Internal name palmsync
File version 1.4: 2003062408
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x00011E6E
Number of sections 5
PE sections
PE imports
RegDeleteKeyA
RegCreateKeyExA
ImageList_GetImageCount
GetColorAdjustment
GetViewportOrgEx
GetCharacterPlacementA
ImmSetCompositionStringW
GetIpForwardTable
GetWindowsDirectoryW
FlsFree
Process32First
GetConsoleCP
WriteFile
SetEndOfFile
Wow64EnableWow64FsRedirection
GetDynamicTimeZoneInformation
VerifyScripts
GetModuleHandleW
GetNamedPipeClientSessionId
FillConsoleOutputCharacterA
VarDateFromBool
VarUI2FromStr
SafeArrayCreateEx
IsPwrHibernateAllowed
RasEnumConnectionsW
I_RpcMapWin32Status
SetupFindNextMatchLineW
PathAddBackslashW
StrRChrIA
SHQueryInfoKeyW
GetCaretPos
GetGuiResources
DlgDirListComboBoxW
MessageBoxA
CreateWindowStationW
HttpOpenRequestA
midiOutMessage
g_rgSCardRawPci
towupper
OleDoAutoConvert
RegisterDragDrop
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 77312
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.1
FileSubtype 0
FileVersionNumber 1.4.20030.62408
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 171520
EntryPoint 0x11e6e
MIMEType application/octet-stream
LegalCopyright License: MPL 1.1/GPL 2.0/LGPL 2.1
FileVersion 1.4: 2003062408
TimeStamp 2004:08:04 08:56:09+01:00
FileType Win32 EXE
PEType PE32
InternalName palmsync
ProductVersion 1.4: 2003062408
SubsystemVersion 5.1
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Mozilla, Netscape
LegalTrademarks Mozilla, Netscape
ProductName Mozilla
ProductVersionNumber 1.4.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 393441551cdc19ebf6bad9a3d45e73b3
SHA1 40d530d430189b726e40f7c9b58afad07ccb7b4d
SHA256 751748db79c583ed45ebaaa9f038a0e2426481918f7a80b361934d21e7b7b48a
ssdeep 6144:l7lWvfN9sKr4nXpp8gslINHqjbkvwSrMb3eQ:l7Qvzansgs0HUQoSrc
authentihash 40bd6b39d0bc9179ff5b9e9f25a214559b5fa13931f23a25a07ca07af7e95161
imphash c4c1b73afc240c009f3e3b408386e6e3
File size 237.0 KB ( 242688 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2019-01-06 13:03:14 UTC ( 1 month, 1 week ago )
Last submission 2019-01-06 13:03:14 UTC ( 1 month, 1 week ago )
File names palmsync