× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 824e26049d42d172042fe836b73bc24083df6e4072cbc1686cf774317ada8b2b
File name: codexgigas_3458efc4b5be2e133736c9409641a6d2fd9c4e11
Detection ratio: 43 / 67
Analysis date: 2018-10-11 02:42:38 UTC ( 4 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKDS.31272994 20181011
ALYac Trojan.Autoruns.GenericKDS.31272994 20181011
Antiy-AVL Trojan/Win32.Azden 20181011
Arcabit Trojan.Autoruns.GenericS.D1DD3022 20181011
Avast Win32:Malware-gen 20181011
AVG Win32:Malware-gen 20181011
BitDefender Trojan.Autoruns.GenericKDS.31272994 20181011
Bkav HW32.Packed. 20181009
CAT-QuickHeal Trojan.Emotet.X4 20181010
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cybereason malicious.08cd96 20180225
Cylance Unsafe 20181011
Cyren W32/Emotet.HM.gen!Eldorado 20181011
Emsisoft Trojan.Autoruns.GenericKDS.31272994 (B) 20181011
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLLL 20181011
F-Prot W32/Emotet.HM.gen!Eldorado 20181010
F-Secure Trojan.Autoruns.GenericKDS.31272994 20181010
Fortinet W32/Kryptik.GLLL!tr 20181010
GData Trojan.Autoruns.GenericKDS.31272994 20181010
Ikarus Trojan.Win32.Crypt 20181010
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053e5231 ) 20181010
K7GW Trojan ( 0053e5231 ) 20181010
Kaspersky Trojan-Banker.Win32.Emotet.bhsk 20181011
Malwarebytes Trojan.Emotet 20181011
McAfee RDN/Generic.dx 20181011
McAfee-GW-Edition BehavesLike.Win32.Generic.cc 20181011
Microsoft Trojan:Win32/Emotet!rfn 20181011
eScan Trojan.Autoruns.GenericKDS.31272994 20181011
NANO-Antivirus Virus.Win32.Gen.ccmw 20181011
Palo Alto Networks (Known Signatures) generic.ml 20181011
Panda Trj/Emotet.C 20181010
Qihoo-360 HEUR/QVM20.1.678B.Malware.Gen 20181011
Rising Trojan.Azden!8.F0E3 (TFE:2:RxzpuTvlpMD) 20181011
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/EncPk-ANY 20181010
Symantec Trojan.Emotet 20181010
Tencent Win32.Trojan-banker.Emotet.Efum 20181011
TrendMicro TSPY_EMOTET.THJAOAH 20181010
TrendMicro-HouseCall TSPY_EMOTET.THJAOAH 20181010
Webroot W32.Trojan.Emotet 20181011
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bhsk 20181011
AegisLab 20181011
AhnLab-V3 20181010
Alibaba 20180921
Avast-Mobile 20181010
Avira (no cloud) 20181010
Babable 20180918
Baidu 20181010
ClamAV 20181010
CMC 20181010
Comodo 20181011
DrWeb 20181010
eGambit 20181011
Jiangmin 20181009
Kingsoft 20181011
MAX 20181011
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181010
TheHacker 20181008
TotalDefense 20181010
Trustlook 20181011
VBA32 20181010
ViRobot 20181010
Yandex 20181010
Zillya 20181010
Zoner 20181010
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-04-28 14:30:48
Entry Point 0x00017BE4
Number of sections 5
PE sections
PE imports
GetSystemTimes
GetUserGeoID
SetFileBandwidthReservation
GetModuleHandleA
BeginDeferWindowPos
GetPrinterDriverDirectoryW
Number of PE resources by type
RT_DIALOG 2
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2004:04:28 16:30:48+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
97280

LinkerVersion
12.1

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x17be4

InitializedDataSize
13312

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
4.2

UninitializedDataSize
4294967295

File identification
MD5 f9b887c08cd96d72b87f304e98e9279c
SHA1 3458efc4b5be2e133736c9409641a6d2fd9c4e11
SHA256 824e26049d42d172042fe836b73bc24083df6e4072cbc1686cf774317ada8b2b
ssdeep
1536:+f4cLOStXF5zuAWClms/tXRM9b2JZLLmaPWHhnWUqxqUDYLrNXgc1dNYFPcpuat5:/45SAzlmyRXrP4WuXLrJgc1r0EpJ/

authentihash 0d686d4bebf9b60fe8d42897640510046bc9140d891c8447100f8750dd9f2dd6
imphash 1b5f1e718cfe23aebe411f31551070c9
File size 103.0 KB ( 105472 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-09 06:59:50 UTC ( 4 months, 2 weeks ago )
Last submission 2018-10-09 06:59:50 UTC ( 4 months, 2 weeks ago )
File names codexgigas_3458efc4b5be2e133736c9409641a6d2fd9c4e11
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!