× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 83121fd46354df6676eab8ab9853aec81ec3033e006b97a3c78efef74fad7eba
File name: bUS4IFHz.exe
Detection ratio: 18 / 67
Analysis date: 2018-09-25 11:24:44 UTC ( 4 months, 3 weeks ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20180925
AVG FileRepMalware 20180925
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180925
Endgame malicious (high confidence) 20180730
Ikarus Win32.Outbreak 20180925
Sophos ML heuristic 20180717
Kaspersky UDS:DangerousObject.Multi.Generic 20180925
McAfee Artemis!3F7D01F70879 20180925
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20180925
Palo Alto Networks (Known Signatures) generic.ml 20180925
Qihoo-360 HEUR/QVM20.1.192B.Malware.Gen 20180925
Rising Malware.Heuristic!ET#87% (RDM+:cmRtazqbbqgxy+4xukEBgKO5SoeO) 20180925
SentinelOne (Static ML) static engine - malicious 20180830
Sophos AV Mal/Generic-S 20180925
Symantec ML.Attribute.HighConfidence 20180925
VBA32 BScope.TrojanBanker.Emotet 20180925
Webroot W32.Trojan.Emotet 20180925
Ad-Aware 20180925
AegisLab 20180925
AhnLab-V3 20180925
Alibaba 20180921
ALYac 20180925
Antiy-AVL 20180925
Arcabit 20180925
Avast-Mobile 20180925
Avira (no cloud) 20180925
AVware 20180925
Babable 20180918
Baidu 20180925
BitDefender 20180925
Bkav 20180925
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180925
Comodo 20180925
Cybereason 20180225
Cyren 20180925
DrWeb 20180925
eGambit 20180925
Emsisoft 20180925
ESET-NOD32 20180925
F-Prot 20180925
F-Secure 20180925
Fortinet 20180925
GData 20180925
Jiangmin 20180925
K7AntiVirus 20180925
K7GW 20180925
Kingsoft 20180925
Malwarebytes 20180925
MAX 20180925
eScan 20180925
NANO-Antivirus 20180925
Panda 20180925
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180925
Tencent 20180925
TheHacker 20180924
TrendMicro 20180925
TrendMicro-HouseCall 20180925
Trustlook 20180925
VIPRE 20180925
ViRobot 20180924
Yandex 20180924
Zillya 20180924
ZoneAlarm by Check Point 20180925
Zoner 20180924
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
License: MPL 1.1/GPL 2.0/LGPL 2.1

Product Mozilla
Internal name uconv
File version Personal
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-25 08:00:20
Entry Point 0x00004C80
Number of sections 5
PE sections
PE imports
EnumServicesStatusExW
InitiateSystemShutdownA
LookupAccountSidW
GetTextCharset
GetUserDefaultUILanguage
GetCommConfig
FindResourceExA
LocalLock
GetBinaryTypeW
GetFileSize
DeleteVolumeMountPointW
FindFirstVolumeMountPointW
GetLargestConsoleWindowSize
FormatMessageW
LocalHandle
lstrcmpW
IsThreadAFiber
FreeContextBuffer
GetClipboardViewer
GetLastInputInfo
GetMenuBarInfo
GetKeyboardLayoutList
DrawTextExA
IsCharLowerW
GetTabbedTextExtentW
DeletePrinterDriverExW
SCardGetProviderIdA
fwprintf
ungetwc
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize
159744

UninitializedDataSize
0

LinkerVersion
16.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
0.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
49152

EntryPoint
0x4c80

MIMEType
application/octet-stream

LegalCopyright
License: MPL 1.1/GPL 2.0/LGPL 2.1

FileVersion
Personal

TimeStamp
2018:09:25 10:00:20+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
uconv

ProductVersion
Personal

SubsystemVersion
4.0

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Mozilla, Netscape

LegalTrademarks
Mozilla, Netscape

ProductName
Mozilla

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 3f7d01f708797faa99a957b4524ba2b9
SHA1 2baa363fd4f78ca0a8817ab54489f4f4fbc70509
SHA256 83121fd46354df6676eab8ab9853aec81ec3033e006b97a3c78efef74fad7eba
ssdeep
3072:xsTSvP/e9EttawAsFor5M0Ynt1EMi2p3cPSvNnKorwfWCAb2:ISvP29EtdYrxYt1EHjYNxwKb

authentihash c59f3fa945e3bfde17c97f7e703319c0a147029defcb06aff98cb2f0433ca549
imphash 6394b5e16437a161e125a89384cb638a
File size 176.0 KB ( 180224 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-09-25 08:02:31 UTC ( 4 months, 3 weeks ago )
Last submission 2018-11-15 23:11:54 UTC ( 3 months ago )
File names SgbEfrzQM.exe
CMJZAfeMO.exe
m0LvTCVi2.exe
538.exe
Zw9DKOCQYuux.exe
apVg8AJiD.exe
IeZo9f5r6.exe
uconv
eOqv2rIL.exe
3f7d01f708797faa99a957b4524ba2b9_exe
3f7d01f708797faa99a957b4524ba2b9
ujcjKcuQUZPK.exe
403.exe
bUS4IFHz.exe
nEEPQ4Tv8.exe
vaaxe4q6KoD.exe
XghvffIATIgO.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!