SHA256: 817bf031019b6c8518fc590a0ad8a30954ba83f4002ecdabb180fa831e0759e4
File name: u4kMjDRqClhuEv.exe
Detection ratio: 41 / 67
Analysis date: 2018-10-23 15:01:18 UTC ( 3 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.DHAX 20181023
ALYac Trojan.Agent.DHAX 20181023
Arcabit Trojan.Agent.DHAX 20181023
Avast Win32:Malware-gen 20181023
AVG Win32:Malware-gen 20181023
BitDefender Trojan.Agent.DHAX 20181023
Bkav W32.eHeur.Malware12 20181023
CAT-QuickHeal Trojan.Emotet.X4 20181022
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20181023
Cyren W32/Trojan.CHMH-5501 20181023
Emsisoft Trojan.Agent.DHAX (B) 20181023
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLUQ 20181023
F-Secure Trojan.Agent.DHAX 20181023
Fortinet W32/Kryptik.GLUQ!tr 20181023
GData Trojan.Agent.DHAX 20181023
Ikarus Trojan.Win32.Crypt 20181023
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053c2ba1 ) 20181023
K7GW Trojan ( 0053c2ba1 ) 20181023
Kaspersky Trojan-Banker.Win32.Emotet.bjmz 20181023
Malwarebytes Trojan.Emotet 20181023
McAfee RDN/Generic.grp 20181023
McAfee-GW-Edition BehavesLike.Win32.Ramnit.ht 20181023
Microsoft Trojan:Win32/Emotet.AC!bit 20181023
eScan Trojan.Agent.DHAX 20181023
NANO-Antivirus Trojan.Win32.Emotet.fjlhha 20181023
Palo Alto Networks (Known Signatures) generic.ml 20181023
Panda Generic Malware 20181023
Qihoo-360 HEUR/QVM20.1.A15C.Malware.Gen 20181023
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20181023
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181023
Symantec Trojan.Emotet 20181023
Tencent Win32.Trojan-banker.Emotet.Agua 20181023
TrendMicro TSPY_EMOTET.THJBBAH 20181023
TrendMicro-HouseCall TSPY_EMOTET.THJBBAH 20181023
ViRobot Trojan.Win32.Z.Kryptik.535040.W 20181023
Webroot W32.Trojan.Emotet 20181023
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bjmz 20181023
AegisLab 20181023
AhnLab-V3 20181023
Alibaba 20180921
Antiy-AVL 20181023
Avast-Mobile 20181023
Avira (no cloud) 20181023
Babable 20180918
Baidu 20181023
ClamAV 20181023
CMC 20181023
Cybereason 20180225
DrWeb 20181023
eGambit 20181023
F-Prot 20181023
Jiangmin 20181023
Kingsoft 20181023
MAX 20181023
SUPERAntiSpyware 20181022
Symantec Mobile Insight 20181001
TACHYON 20181023
TheHacker 20181018
TotalDefense 20181023
Trustlook 20181023
VBA32 20181023
Yandex 20181022
Zillya 20181022
Zoner 20181023
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) 1997 America Online
Original name jgiqGEN.dll
Internal name jgiqGEN.dll
File version 014
Description JG ART DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-10-19 19:46:59
Entry Point 0x0007B216
Number of sections 5
PE sections
PE imports
AddAccessAllowedObjectAce
LogonUserExW
FileEncryptionStatusW
PageSetupDlgA
CertDuplicateCertificateContext
CertAddCertificateContextToStore
EnumFontsA
GetVolumePathNameW
CopyFileW
SystemTimeToFileTime
SetFileApisToOEM
Wow64SetThreadContext
DuplicateHandle
GetSystemPowerStatus
GetModuleHandleW
FreeResource
DsReplicaFreeInfo
SysStringByteLen
SetErrorInfo
VarBoolFromI2
NdrDcomAsyncClientCall
I_RpcGetBuffer
SetupDiGetDeviceInstanceIdW
SetupDiClassGuidsFromNameExA
ShellAboutW
SendMessageW
GetFocus
GetClipboardData
SendDlgItemMessageW
IsChild
ArrangeIconicWindows
CryptCATPutCatAttrInfo
GetColorProfileHeader
PdhOpenQueryW
PdhEnumMachinesHW
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 222.0
ImageVersion 0.0
FileVersionNumber 14.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription JG ART DLL
ImageFileCharacteristics Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 33280
EntryPoint 0x7b216
OriginalFileName jgiqGEN.dll
MIMEType application/octet-stream
LegalCopyright Copyright (c) 1997 America Online
FileVersion 014
TimeStamp 2018:10:19 21:46:59+02:00
FileType Win32 EXE
PEType PE32
InternalName jgiqGEN.dll
SubsystemVersion 5.0
OSVersion 5.0
FileOS Windows 32-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName America Online
CodeSize 506880
FileSubtype 0
ProductVersionNumber 0.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 e04004afa1a612f6a279644c4b9d8d0c
SHA1 fd8d853e5aa8e2cb0c9cf5436b928f23a989f89e
SHA256 817bf031019b6c8518fc590a0ad8a30954ba83f4002ecdabb180fa831e0759e4
ssdeep 3072:JBB7gD8MqN3VjipE3g1seiWI76STAdOQXlVI:JBBbN3VGpae8DAdOMQ
authentihash 5612ef854d6644c45fe56bb21828e53b6aca543b90874c61adf4a4f07a3b2f8a
imphash ffc628fef9e2c5e40ec2051f95e49553
File size 522.5 KB ( 535040 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe

VirusTotal metadata
First submission 2018-10-19 12:52:16 UTC ( 4 months ago )
Last submission 2018-10-19 12:52:16 UTC ( 4 months ago )
File names u4kMjDRqClhuEv.exe
jgiqGEN.dll