SHA256: 814fbf37cd913887c3b4cdbd8c4093864e6cdcc283aa09c1aad715806fdbb1a9
File name: G1.exe
Detection ratio: 15 / 66
Analysis date: 2019-03-25 06:05:47 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Acronis suspicious 20190322
AegisLab Trojan.Win32.Malicious.4!c 20190325
AVG FileRepMalware 20190325
CrowdStrike Falcon (ML) win/malicious_confidence_80% (W) 20190212
Cybereason malicious.ec4eb6 20190324
DrWeb Trojan.Siggen8.20095 20190325
Endgame malicious (high confidence) 20190322
ESET-NOD32 a variant of Win32/Kryptik.GRGK 20190325
Sophos ML heuristic 20190313
McAfee-GW-Edition BehavesLike.Win32.Generic.fc 20190325
Microsoft Trojan:Win32/Azden.A!cl 20190325
Palo Alto Networks (Known Signatures) generic.ml 20190325
Rising Trojan.Kryptik!8.8/N3#92% (RDM+:cmRtazq23VPp07YbGrRdxRTRNnj3) 20190325
SentinelOne (Static ML) DFI - Malicious PE 20190317
Trapmine malicious.high.ml.score 20190301
Ad-Aware 20190325
AhnLab-V3 20190325
Alibaba 20190306
ALYac 20190325
Antiy-AVL 20190325
Arcabit 20190324
Avast 20190325
Avast-Mobile 20190324
Avira (no cloud) 20190324
Babable 20180918
Baidu 20190318
BitDefender 20190325
Bkav 20190320
CAT-QuickHeal 20190324
ClamAV 20190324
CMC 20190321
Comodo 20190325
Cyren 20190325
eGambit 20190325
Emsisoft 20190325
F-Secure 20190325
Fortinet 20190325
GData 20190325
Ikarus 20190324
Jiangmin 20190325
K7AntiVirus 20190325
K7GW 20190325
Kaspersky 20190325
Kingsoft 20190325
Malwarebytes 20190325
MAX 20190325
McAfee 20190325
eScan 20190325
NANO-Antivirus 20190325
Panda 20190324
Qihoo-360 20190325
Sophos AV 20190322
SUPERAntiSpyware 20190321
Symantec Mobile Insight 20190220
TACHYON 20190325
Tencent 20190325
TheHacker 20190324
TotalDefense 20190325
TrendMicro-HouseCall 20190325
Trustlook 20190325
VBA32 20190322
VIPRE 20190323
ViRobot 20190325
Yandex 20190324
Zillya 20190324
ZoneAlarm by Check Point 20190325
Zoner 20190325
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-03-23 16:39:27
Entry Point 0x00032DB4
Number of sections 5
PE sections
PE imports
SetTextAlign
GetTextMetricsW
TextOutW
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
LCMapStringW
SetHandleCount
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
TlsAlloc
GetEnvironmentStringsW
RtlUnwind
lstrlenW
GetStdHandle
HeapSetInformation
GetCurrentProcess
DecodePointer
GetCurrentProcessId
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
GetStartupInfoW
FreeEnvironmentStringsW
GetProcAddress
HeapSize
ExitProcess
RaiseException
WideCharToMultiByte
GetModuleFileNameW
TlsFree
DeleteCriticalSection
SetUnhandledExceptionFilter
WriteFile
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
TerminateProcess
IsValidCodePage
HeapCreate
TlsGetValue
Sleep
GetFileType
GetTickCount
TlsSetValue
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
SetLastError
LeaveCriticalSection
EndPaint
UpdateWindow
GetScrollInfo
BeginPaint
DefWindowProcW
GetMessageW
PostQuitMessage
ShowWindow
GetSystemMetrics
RegisterClassExW
TranslateMessage
GetDC
ReleaseDC
SetScrollInfo
SendMessageW
wsprintfW
LoadStringW
DispatchMessageW
LoadCursorW
LoadIconW
CreateWindowExW
LoadAcceleratorsW
ScrollWindow
TranslateAcceleratorW
DestroyWindow
Number of PE resources by type
RT_ICON 10
RT_GROUP_ICON 2
RT_DIALOG 1
RT_MANIFEST 1
RT_STRING 1
RT_MENU 1
RT_ACCELERATOR 1
Number of PE resources by language
ENGLISH US 17
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2019:03:23 17:39:27+01:00
FileType Win32 EXE
PEType PE32
CodeSize 222208
LinkerVersion 10.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x32db4
InitializedDataSize 93696
SubsystemVersion 5.1
ImageVersion 0.0
OSVersion 5.1
UninitializedDataSize 0

File identification
MD5 1b4ebfebe35116ac993c018cfd4f2d38
SHA1 90ef0e7ec4eb6d7518beb0ba9eb63c49a0d72722
SHA256 814fbf37cd913887c3b4cdbd8c4093864e6cdcc283aa09c1aad715806fdbb1a9
ssdeep 6144:tob+BCFpH4+vij/z9mksoZYuKv4Gloit3oKbso7oPNco7oPN:tzBYx5vI/UoZWv4fJT6X6

authentihash bf0da2c9c1ae083d2d3959f9bb83246bda73193d3681fc098169487e3a19d803
imphash 4d9bb3f6149dcdf4ca21af9048b5fb67
File size 309.5 KB ( 316928 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe

VirusTotal metadata
First submission 2019-03-25 01:44:42 UTC ( 1 month, 3 weeks ago )
Last submission 2019-03-26 16:41:17 UTC ( 1 month, 3 weeks ago )
File names G1.exe
output.120012866.txt