SHA256: 7ae1be093d52c6a30d837d8e1c61e40a3921fe08870390e737ace16fdd4c5154
File name: crebale
Detection ratio: 57 / 72
Analysis date: 2019-01-16 04:12:30 UTC ( 1 day, 8 hours ago )
Antivirus Result Update
Acronis suspicious 20190111
Ad-Aware Trojan.GenericKD.30316815 20190114
AhnLab-V3 Trojan/Win32.Emotet.R219665 20190114
ALYac Trojan.Agent.Emotet 20190114
Antiy-AVL Trojan/Win32.SGeneric 20190114
Arcabit Trojan.Generic.D1CE990F 20190114
Avast Win32:TrojanX-gen [Trj] 20190115
AVG Win32:TrojanX-gen [Trj] 20190115
Avira (no cloud) HEUR/AGEN.1024009 20190115
AVware Trojan.Win32.Generic!BT 20180925
BitDefender Trojan.GenericKD.30316815 20190115
CAT-QuickHeal Trojan.Dovs 20190115
ClamAV Win.Trojan.Emotet-6441926-0 20190115
Comodo Malware@#2t2l37fk7bczk 20190114
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cybereason malicious.11ba64 20190109
Cylance Unsafe 20190115
Cyren W32/S-35c37081!Eldorado 20190115
Emsisoft Trojan.GenericKD.30316815 (B) 20190114
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GCTW 20190115
F-Prot W32/S-35c37081!Eldorado 20190115
F-Secure Trojan.GenericKD.30316815 20190114
Fortinet W32/Kryptik.GCTW!tr 20190114
GData Win32.Trojan-Spy.Emotet.LK 20190115
Ikarus Trojan-Banker.Emotet 20190115
Sophos ML heuristic 20181128
Jiangmin Trojan.Dovs.ddy 20190115
K7AntiVirus Trojan ( 005262581 ) 20190115
K7GW Trojan ( 005262581 ) 20190115
Kaspersky Trojan.Win32.Dovs.rgb 20190115
Malwarebytes Trojan.Emotet 20190115
MAX malware (ai score=94) 20190115
McAfee Emotet-FCY! 20190115
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20190115
Microsoft TrojanDropper:Win32/Dinosmal.A 20190114
eScan Trojan.GenericKD.30316815 20190115
NANO-Antivirus Trojan.Win32.Dovs.exvsee 20190115
Palo Alto Networks (Known Signatures) generic.ml 20190115
Panda Trj/RnkBend.A 20190115
Qihoo-360 HEUR/QVM20.1.0533.Malware.Gen 20190115
Rising Dropper.Dinosmal!8.EE74 (CLOUD) 20190115
Sophos AV Mal/EncPk-ANX 20190115
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20190109
Symantec Trojan.Emotet 20190114
Tencent Win32.Trojan.Generic.Lohk 20190115
TheHacker Trojan/Kryptik.gctw 20190114
Trapmine malicious.high.ml.score 20190102
TrendMicro TSPY_EMOTET.THAOBFH 20190114
TrendMicro-HouseCall TSPY_EMOTET.THAOBFH 20190114
VBA32 BScope.Trojan.Bitrep 20190114
VIPRE Trojan.Win32.Generic!BT 20190114
ViRobot Trojan.Win32.Z.Emotet.126976.FJ 20190114
Webroot W32.Trojan.Emotet 20190115
Yandex Trojan.Dovs! 20190111
Zillya Trojan.Dovs.Win32.3092 20190114
ZoneAlarm by Check Point Trojan.Win32.Dovs.rgb 20190114
AegisLab 20190114
Alibaba 20180921
Avast-Mobile 20190115
Babable 20180917
Baidu 20190115
Bkav 20190108
CMC 20190114
DrWeb 20190114
eGambit 20190115
Kingsoft 20190115
SentinelOne (Static ML) 20181223
TACHYON 20190114
TotalDefense 20190114
Trustlook 20190115
Zoner 20190114
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microso
Product Microsoft®
Original name crebale.exe
Internal name crebale
Description Fingers 75-key Keyboard Layout
Comments Mapleli company
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-02-06 16:39:59
Entry Point 0x000019E0
Number of sections 6
PE sections
PE imports
CertSetEnhancedKeyUsage
JetCloseDatabase
GetDCBrushColor
RectInRegion
SetDCBrushColor
PlayMetaFile
GetBkColor
GetRasterizerCaps
PlgBlt
SuspendThread
LocalFree
GetSystemDefaultLangID
GetProcessAffinityMask
GetSystemInfo
AttachConsole
SetConsoleCP
GetConsoleWindow
LoadLibraryExW
GetUserPreferredUILanguages
GetConsoleProcessList
GetNumberOfConsoleMouseButtons
lstrcmpW
GetCommandLineW
VarI2FromStr
RasSetCredentialsW
CommandLineToArgvW
DrawTextA
GetCaretPos
IsWindowVisible
DeleteFormW
calloc
fputc
Number of PE resources by type
RT_ICON 2
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
RUSSIAN 4
PE resources
ExifTool file metadata
SubsystemVersion 4.0
Comments Mapleli company
LinkerVersion 10.18
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 0.5.0.0
LanguageCode Russian
FileFlagsMask 0x003f
FileDescription Fingers 75-key Keyboard Layout
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Cyrillic
InitializedDataSize 0
EntryPoint 0x19e0
OriginalFileName crebale.exe
MIMEType application/octet-stream
LegalCopyright Microso
TimeStamp 2018:02:06 08:39:59-08:00
FileType Win32 EXE
PEType PE32
InternalName crebale
ProductVersion 17.1
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Micr
CodeSize 0
ProductName Microsoft
ProductVersionNumber 0.5.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 a7b011b11ba64e0245fd034f1d803b0b
SHA1 5fbaa7dbadf3b8d797c21303293e5f0e70979b2c
SHA256 7ae1be093d52c6a30d837d8e1c61e40a3921fe08870390e737ace16fdd4c5154
ssdeep 1536:PIOrEcq+QPzVNVsOKwSNIGtgkzFB+VTMFzW1f1VdKV4EopVMohsz8W2swZTq43:BE3xL2vIQFB+TMkJ1bKq9pEzxFo
authentihash 64631787109ce8fcae1bacb1a9a0146442e9ffdd6cb5def28db4bdaf2d62385e
imphash 033c43c12e05db94d83fb97477c16bd0
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-02-06 07:43:55 UTC ( 11 months, 2 weeks ago )
Last submission 2018-05-26 18:05:06 UTC ( 7 months, 3 weeks ago )
File names cachevideo.exe
6227.exe
25028440.exe
certcart.exe
27650488.exe
Xc7hC1xXLZSwrvK8ss.exe
KSiFS0rzA1Itf.exe
crebale.exe
48584.exe.4.dr
26469208.exe
flareFile
00548.exe
crebale
Advanced heuristic and reputation engines