× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 78ccba1d9e5d32658ce4cd4b2f8a8be65c6aa6a4f4eec2016777afb3a50ac843
File name: oFrM0jNVG.exe
Detection ratio: 17 / 70
Analysis date: 2018-11-23 19:42:21 UTC ( 2 months, 4 weeks ago ) View latest
Antivirus Result Update
Bkav HW32.Packed. 20181123
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.798d35 20180225
Cylance Unsafe 20181123
Endgame malicious (high confidence) 20181108
Fortinet W32/GenKryptik.CRRV!tr 20181123
Sophos ML heuristic 20181108
McAfee Emotet-FKM!912807D798D3 20181123
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181123
Microsoft Trojan:Win32/Fuerboos.A!cl 20181123
NANO-Antivirus Virus.Win32.Gen.ccmw 20181123
Qihoo-360 HEUR/QVM20.1.6781.Malware.Gen 20181123
Rising Malware.Heuristic!ET#92% (RDM+:cmRtazq+xWVjKbqi854kUFSvS4F7) 20181123
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANR 20181123
Symantec ML.Attribute.HighConfidence 20181123
Trapmine malicious.high.ml.score 20180918
Ad-Aware 20181123
AegisLab 20181123
AhnLab-V3 20181123
Alibaba 20180921
ALYac 20181123
Antiy-AVL 20181123
Arcabit 20181123
Avast 20181123
Avast-Mobile 20181123
AVG 20181123
Avira (no cloud) 20181123
Babable 20180918
Baidu 20181123
BitDefender 20181123
CAT-QuickHeal 20181123
ClamAV 20181123
CMC 20181123
Comodo 20181123
Cyren 20181123
DrWeb 20181123
eGambit 20181123
Emsisoft 20181123
ESET-NOD32 20181123
F-Prot 20181123
F-Secure 20181123
GData 20181123
Ikarus 20181123
Jiangmin 20181123
K7AntiVirus 20181123
K7GW 20181123
Kaspersky 20181123
Kingsoft 20181123
Malwarebytes 20181123
MAX 20181123
eScan 20181123
Palo Alto Networks (Known Signatures) 20181123
Panda 20181123
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
TACHYON 20181123
Tencent 20181123
TheHacker 20181118
TotalDefense 20181123
TrendMicro 20181123
TrendMicro-HouseCall 20181123
Trustlook 20181123
VBA32 20181123
VIPRE 20181123
ViRobot 20181123
Webroot 20181123
Yandex 20181123
Zillya 20181123
ZoneAlarm by Check Point 20181123
Zoner 20181123
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name o
Description ODBC
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1995-11-13 23:08:05
Entry Point 0x00003420
Number of sections 7
PE sections
PE imports
JetUpdate
lstrcpyW
lstrlenW
GetCommandLineW
SetCapture
IsWindowVisible
GetScrollPos
SetCursorPos
GetFocus
GetKeyState
Number of PE resources by type
RT_STRING 2
RT_VERSION 1
Number of PE resources by language
NORWEGIAN BOKMAL 3
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
13.0

ImageVersion
0.1

FileVersionNumber
1.6.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
ODBC

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

Ht
Microsoft Corporation. All r

EntryPoint
0x3420

MIMEType
application/octet-stream

TimeStamp
1995:11:13 15:08:05-08:00

FileType
Win32 EXE

PEType
PE32

InternalName
o

SubsystemVersion
5.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TVersion
1.0

CodeSize
12288

FileSubtype
0

ProductVersionNumber
1.6.0.0

InitializedDataSize
0

FileTypeExtension
exe

ObjectFileType
Executable application

Execution parents
File identification
MD5 912807d798d35323a534fdb59399a9b0
SHA1 2060d9f147311fdeec4de5f5d940b7a6f849846d
SHA256 78ccba1d9e5d32658ce4cd4b2f8a8be65c6aa6a4f4eec2016777afb3a50ac843
ssdeep
3072:ePsv/P6gmhkFDDQKSZ4k5AF6xIsawMlkgu866:S9QD+zyF6xIsaFXP

authentihash fe63d8538a88723046775ec42a3f425b70ef25208f1896e26062f4b24bfddd67
imphash 83eb829a030547eb063d860f40f8e0c6
File size 132.0 KB ( 135168 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-23 19:42:21 UTC ( 2 months, 4 weeks ago )
Last submission 2018-11-30 02:53:24 UTC ( 2 months, 3 weeks ago )
File names 8nVuBkAH1Mus.exe
7gMSKYgRoRM.exe
output.114552715.txt
912807d798d35323a534fdb59399a9b0
VAC5PSzDIXMf.exe
nyvGRpUUyz.exe
vuqiEaWMD.exe
8pcw2jnnWH.exe
oEmLuhsUKlH3.exe
prgyVzdSBLn.exe
AKzfEFqDCdu.exe
avistr.exe
rIuKcZEiv.exe
dai.exe
vGJOOL16yEL.exe
mjg.exe
tzp.exe
aq8ogvxIu.exe
RAW1HYU1hS76.ex_
IWFLn9lnnS.exe
izeSlwDYRak.exe
q5xRle75pp.exe
x7Fs2UMEk8.exe
7YEmPoJTl4a.exe
YXz2T86hEpP.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.