SHA256: 77bbe1ee2efb309f5a78634b8c538c6ae843d02232ec50088bb88c680a71e5ae
File name: 3592D2B4.exe
Detection ratio: 38 / 70
Analysis date: 2018-12-26 23:00:06 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis malware 20181226
Ad-Aware Trojan.GenericKD.40870126 20181226
ALYac Trojan.GenericKD.40870126 20181226
Arcabit Trojan.Generic.D26FA0EE 20181226
Avast Win32:Trojan-gen 20181226
AVG Win32:Trojan-gen 20181226
BitDefender Trojan.GenericKD.40870126 20181226
Comodo Malware@#1lv7f7bmnxzdn 20181226
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181226
Emsisoft Trojan.GenericKD.40870126 (B) 20181226
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOCE 20181226
F-Secure Trojan.GenericKD.40870126 20181226
Fortinet W32/Kryptik.GOCE!tr 20181226
GData Win32.Trojan-Spy.Emotet.JF5DNX 20181226
Ikarus Trojan.Win32.Ramdo 20181226
K7AntiVirus Trojan ( 005445d51 ) 20181226
K7GW Trojan ( 005445d51 ) 20181226
Kaspersky Trojan-Banker.Win32.Emotet.bwre 20181226
Malwarebytes Trojan.Emotet 20181226
MAX malware (ai score=100) 20181226
McAfee Emotet-FJE!E47543F438C5 20181226
McAfee-GW-Edition Emotet-FJE!E47543F438C5 20181226
Microsoft Trojan:Win32/Emotet.AC!bit 20181226
eScan Trojan.GenericKD.40870126 20181226
Palo Alto Networks (Known Signatures) generic.ml 20181226
Panda Trj/Genetic.gen 20181226
Qihoo-360 Win32/Trojan.711 20181226
Rising Trojan.Kryptik!8.8 (CLOUD) 20181226
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/Generic-S 20181226
Symantec Packed.Generic.517 20181226
Tencent Win32.Trojan-banker.Emotet.Ajld 20181226
TrendMicro TROJ_FRS.VSN19L18 20181226
TrendMicro-HouseCall TROJ_FRS.VSN19L18 20181226
Webroot W32.Trojan.Emotet 20181226
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bwre 20181226
AegisLab 20181226
AhnLab-V3 20181226
Alibaba 20180921
Antiy-AVL 20181226
Avast-Mobile 20181226
Avira (no cloud) 20181226
Babable 20180918
Baidu 20181207
Bkav 20181224
CAT-QuickHeal 20181226
ClamAV 20181226
CMC 20181226
Cybereason 20180225
Cyren 20181226
DrWeb 20181226
eGambit 20181226
F-Prot 20181226
Sophos ML 20181128
Jiangmin 20181226
Kingsoft 20181226
NANO-Antivirus 20181226
SUPERAntiSpyware 20181226
Symantec Mobile Insight 20181225
TACHYON 20181226
TheHacker 20181225
TotalDefense 20181226
Trapmine 20181205
Trustlook 20181226
VBA32 20181226
ViRobot 20181226
Yandex 20181226
Zillya 20181225
Zoner 20181225
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) Microsoft Corp. 1995-1999
Product COM Services
Internal name MTxDm.DLL
File version 2001.12.4414.42
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-24 22:10:35
Entry Point 0x00002AAE
Number of sections 5
PE sections
PE imports
GetUserNameA
GetSecurityDescriptorControl
GetMapMode
GetObjectType
GetUserDefaultUILanguage
GetStringScripts
DeviceIoControl
GetSystemDefaultLangID
QueryIdleProcessorCycleTime
GetModuleHandleA
lstrcmpiA
VirtualQueryEx
GetSystemRegistryQuota
GetVolumeNameForVolumeMountPointW
GetStringTypeExA
ExitThread
FlsFree
WriteProfileStringW
LZInit
ExtractAssociatedIconW
DrawFocusRect
SetParent
IsCharUpperW
GetRawInputDeviceList
GetUpdateRect
ModifyMenuA
GetFileVersionInfoSizeA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize 280576
UninitializedDataSize 4294967295
LinkerVersion 12.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2001.12.4414.42
LanguageCode English (U.S.)
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 155648
EntryPoint 0x2aae
MIMEType application/octet-stream
LegalCopyright Copyright (C) Microsoft Corp. 1995-1999
FileVersion 2001.12.4414.42
TimeStamp 2018:12:24 14:10:35-08:00
FileType Win32 EXE
PEType PE32
InternalName MTxDm.DLL
ProductVersion 03.00.00.4414
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
LegalTrademarks Microsoft(R) is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation
ProductName COM Services
ProductVersionNumber 3.0.0.4414
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 e47543f438c5053c485bb1b88f3b1f63
SHA1 5b2826d2533ee1bfe56d9b37071817177be6927b
SHA256 77bbe1ee2efb309f5a78634b8c538c6ae843d02232ec50088bb88c680a71e5ae
ssdeep 3072:4LxjA6FXlOg1+jrbhnb0wGaTTmftEc6BYOHm7zeyy4QH:4LxDOg141nbUa3sH6BDHCze
authentihash 652c4d141dfa8768f21675d477a97741dadf307c46068b41b5f28b6cddc1ab0c
imphash 75ff086316723b61bc4869b668ee7c19
File size 576.0 KB ( 589824 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-12-24 22:15:41 UTC ( 1 month, 3 weeks ago )
Last submission 2018-12-24 22:15:41 UTC ( 1 month, 3 weeks ago )
File names 15133144.exe
3592D2B4.exe
8120704.exe
MTxDm.DLL