× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8357097939189b15354f5158bf0901a93390f4898be382e7ab3903f5ff306862
File name: flash.exe
Detection ratio: 28 / 69
Analysis date: 2018-09-29 20:10:36 UTC ( 6 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40537101 20180929
ALYac Trojan.GenericKD.40537101 20180929
Arcabit Trojan.Generic.D26A8C0D 20180929
Avast Win32:Trojan-gen 20180929
AVG Win32:Trojan-gen 20180929
Avira (no cloud) TR/Kryptik.glcla 20180929
BitDefender Trojan.GenericKD.40537101 20180929
CrowdStrike Falcon (ML) malicious_confidence_60% (D) 20180723
Cyren W32/Trojan.LULG-6813 20180929
Emsisoft Trojan.GenericKD.40537101 (B) 20180929
Endgame malicious (moderate confidence) 20180730
ESET-NOD32 a variant of Win32/GenKryptik.CMJP 20180929
F-Secure Trojan.GenericKD.40537101 20180929
Fortinet W32/GenKryptik.CMJP!tr 20180929
GData Trojan.GenericKD.40537101 20180929
Ikarus Trojan.Win32.Krypt 20180929
Kaspersky Trojan-Spy.Win32.Ursnif.aaaq 20180929
MAX malware (ai score=85) 20180929
McAfee RDN/Generic.dx 20180929
McAfee-GW-Edition BehavesLike.Win32.Generic.gm 20180929
Microsoft Program:Win32/Unwaders.C!ml 20180929
eScan Trojan.GenericKD.40537101 20180929
Palo Alto Networks (Known Signatures) generic.ml 20180929
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20180929
SentinelOne (Static ML) static engine - malicious 20180926
Symantec ML.Attribute.HighConfidence 20180929
TrendMicro-HouseCall TROJ_GEN.R011H09IT18 20180929
Webroot W32.Malware.Gen 20180929
AegisLab 20180929
AhnLab-V3 20180929
Alibaba 20180921
Antiy-AVL 20180929
Avast-Mobile 20180928
AVware 20180925
Babable 20180918
Baidu 20180929
Bkav 20180928
CAT-QuickHeal 20180929
ClamAV 20180929
CMC 20180929
Comodo 20180929
Cybereason 20180225
Cylance 20180929
DrWeb 20180929
eGambit 20180929
F-Prot 20180929
Sophos ML 20180717
Jiangmin 20180929
K7AntiVirus 20180929
K7GW 20180929
Kingsoft 20180929
Malwarebytes 20180929
NANO-Antivirus 20180929
Panda 20180929
Qihoo-360 20180929
Sophos AV 20180929
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180929
Tencent 20180929
TheHacker 20180927
TotalDefense 20180929
TrendMicro 20180929
Trustlook 20180929
VBA32 20180928
VIPRE 20180929
ViRobot 20180929
Yandex 20180927
Zillya 20180928
ZoneAlarm by Check Point 20180925
Zoner 20180927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2007 Technology Finance Partners Chair . All rights reserved

Product Propercomplete
Original name tablelaw.exe
File version 10, 4, 3834, 5261
Description Propercomplete
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-08-22 11:20:23
Entry Point 0x0001672B
Number of sections 6
PE sections
PE imports
RegCreateKeyExW
RegCloseKey
OpenServiceW
LookupPrivilegeValueW
RegOpenKeyExW
RegDeleteKeyW
DeleteService
RegQueryValueExW
OpenProcessToken
QueryServiceStatus
RegEnumKeyW
SystemFunction036
RegOpenKeyW
GetTokenInformation
RegisterServiceCtrlHandlerW
OpenThreadToken
SetEntriesInAclW
RegSetValueExW
FreeSid
OpenSCManagerW
AllocateAndInitializeSid
InitializeSecurityDescriptor
StartServiceCtrlDispatcherW
GetStdHandle
WaitForSingleObject
EncodePointer
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetVolumeInformationW
FreeEnvironmentStringsW
InitializeSListHead
GetLocaleInfoW
SetStdHandle
GetFileTime
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetEvent
FindClose
TlsGetValue
SetLastError
GetSystemTime
DeviceIoControl
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
EnumSystemLocalesW
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
MoveFileExW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
DecodePointer
TerminateProcess
GetModuleHandleExW
ReadConsoleW
GetCurrentThreadId
WriteConsoleW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetVersionExW
GetOEMCP
QueryPerformanceCounter
TlsAlloc
VirtualProtect
FlushFileBuffers
RtlUnwind
FreeLibrary
OpenProcess
GetDateFormatW
GetStartupInfoW
CreateDirectoryW
GetUserDefaultLCID
GetProcessHeap
GetTimeFormatW
FindNextFileW
ResetEvent
IsValidLocale
FindFirstFileExW
GetProcAddress
CreateEventW
CreateFileW
GetFileType
TlsSetValue
HeapAlloc
LeaveCriticalSection
GetLastError
LCMapStringW
GetConsoleCP
GetEnvironmentStringsW
WaitForSingleObjectEx
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
RaiseException
UnhandledExceptionFilter
TlsFree
ReadFile
CloseHandle
GetACP
GetModuleHandleW
IsValidCodePage
VirtualFree
Sleep
VirtualAlloc
Ord(205)
Ord(217)
Ord(157)
Ord(113)
Ord(219)
Ord(209)
Ord(7)
Ord(173)
Ord(129)
Ord(107)
Ord(67)
Ord(37)
Ord(96)
Ord(39)
Ord(69)
Ord(88)
Ord(70)
Ord(203)
Ord(109)
Ord(72)
Ord(213)
Ord(215)
Ord(86)
Ord(94)
Ord(155)
Ord(169)
Ord(181)
Ord(82)
Ord(179)
Ord(6)
Ord(137)
Ord(131)
Ord(141)
Ord(224)
Ord(175)
Ord(84)
Ord(226)
Ord(177)
Ord(193)
Ord(43)
Ord(111)
Ord(10)
Ord(45)
Ord(8)
Ord(66)
Ord(195)
Ord(16)
Ord(211)
Ord(14)
Ord(41)
Number of PE resources by type
RT_ICON 7
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 10
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
14.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
10.4.3834.5261

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Propercomplete

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
477184

EntryPoint
0x1672b

OriginalFileName
tablelaw.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2007 Technology Finance Partners Chair . All rights reserved

FileVersion
10, 4, 3834, 5261

TimeStamp
2017:08:22 04:20:23-07:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
10, 4, 3834, 5261

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Technology Finance Partners Chair

CodeSize
192512

ProductName
Propercomplete

ProductVersionNumber
10.4.3834.5261

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 6fe0467ad268ca38407ba9bfd2f27832
SHA1 560b744e8df3693c36f7cf6f8d2f814af9dee1ec
SHA256 8357097939189b15354f5158bf0901a93390f4898be382e7ab3903f5ff306862
ssdeep
3072:DIXbnV3mvjSQ32PJw1eWQzW5Xf6CyqJE8SU29FcrN4RCX0LineGYWG3tNFlAF9xb:DIk7CwMFW5COE3U296MineGYghBApD

authentihash c9c1125677c44eb389d9f2f624d6920f7861850bf1be1eaffdc9c3a02c6fe385
imphash 4e51bf3be81e7d54de8ed74ce6f10a0c
File size 401.0 KB ( 410624 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (72.3%)
Win32 Executable (generic) (11.8%)
OS/2 Executable (generic) (5.3%)
Generic Win/DOS Executable (5.2%)
DOS Executable Generic (5.2%)
Tags
peexe

VirusTotal metadata
First submission 2018-09-28 10:29:05 UTC ( 6 months, 3 weeks ago )
Last submission 2018-09-28 10:29:05 UTC ( 6 months, 3 weeks ago )
File names tablelaw.exe
flash.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!