× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 84b8ca07cd2a83e4332237b119720a94ce508d8c0f2bc2a8ad46b87349f36218
File name: 84b8ca07cd2a83e4332237b119720a94ce508d8c0f2bc2a8ad46b87349f36218
Detection ratio: 16 / 70
Analysis date: 2018-12-20 19:30:25 UTC ( 1 month, 4 weeks ago ) View latest
Antivirus Result Update
Acronis malware 20180726
Bkav HW32.Packed. 20181220
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.3bf12d 20180225
Cylance Unsafe 20181220
eGambit Unsafe.AI_Score_99% 20181220
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee Emotet-FJX!341E4E93BF12 20181220
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181220
Microsoft Trojan:Win32/Fuerboos.A!cl 20181220
Qihoo-360 HEUR/QVM20.1.FF79.Malware.Gen 20181220
Rising Malware.Heuristic!ET#99% (RDM+:cmRtazpvyQb4JaK7s64EPXAdUlxv) 20181220
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181220
Trapmine malicious.high.ml.score 20181205
Ad-Aware 20181220
AegisLab 20181220
AhnLab-V3 20181220
Alibaba 20180921
ALYac 20181220
Antiy-AVL 20181220
Arcabit 20181220
Avast 20181220
Avast-Mobile 20181220
AVG 20181220
Avira (no cloud) 20181220
Babable 20180918
Baidu 20181207
BitDefender 20181220
CAT-QuickHeal 20181220
ClamAV 20181220
CMC 20181219
Comodo 20181220
Cyren 20181220
DrWeb 20181220
Emsisoft 20181220
ESET-NOD32 20181220
F-Prot 20181220
F-Secure 20181220
Fortinet 20181220
GData 20181220
Ikarus 20181220
Jiangmin 20181220
K7AntiVirus 20181220
K7GW 20181220
Kaspersky 20181220
Kingsoft 20181220
Malwarebytes 20181220
MAX 20181220
eScan 20181220
NANO-Antivirus 20181220
Palo Alto Networks (Known Signatures) 20181220
Panda 20181220
Sophos AV 20181220
SUPERAntiSpyware 20181220
Symantec Mobile Insight 20181215
TACHYON 20181220
Tencent 20181220
TheHacker 20181216
TotalDefense 20181220
TrendMicro 20181220
TrendMicro-HouseCall 20181220
Trustlook 20181220
VBA32 20181220
ViRobot 20181220
Webroot 20181220
Yandex 20181220
Zillya 20181219
ZoneAlarm by Check Point 20181220
Zoner 20181220
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Microsoft Corp. 1993-2001.

Internal name ASYCFILT.DLL
File version 5.1.2600.2180
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x00002990
Number of sections 8
PE sections
PE imports
IsTokenRestricted
GetDCPenColor
GetPolyFillMode
GetFileTime
NormalizeString
LockFileEx
SetFilePointer
GetTapeStatus
SetEvent
GetConsoleProcessList
GetVersion
GetUserDefaultLCID
EmptyClipboard
GetLastActivePopup
GetSysColor
GetKeyboardType
RegisterRawInputDevices
SCardGetCardTypeProviderNameA
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize
135168

UninitializedDataSize
0

LinkerVersion
2.0

ImageVersion
5.1

FileVersionNumber
5.1.2600.2180

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
0

EntryPoint
0x2990

MIMEType
application/octet-stream

LegalCopyright
Copyright Microsoft Corp. 1993-2001.

FileVersion
5.1.2600.2180

TimeStamp
2002:07:18 03:23:20+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
ASYCFILT.DLL

ProductVersion
5.1.2600.2180

SubsystemVersion
6.0

OSVersion
6.0

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

LegalTrademarks
Microsoft is a registered trademark of Microsoft Corporation. Windows is a registered trademark of Microsoft Corporation.

FileSubtype
0

ProductVersionNumber
5.1.2600.2180

FileTypeExtension
exe

ObjectFileType
Dynamic link library

Execution parents
File identification
MD5 341e4e93bf12d04b7ab8c04963319cdf
SHA1 d162b666bc018ee16e12051a4e45a4411d17a3c8
SHA256 84b8ca07cd2a83e4332237b119720a94ce508d8c0f2bc2a8ad46b87349f36218
ssdeep
3072:voBfZca1dXw8cxDDMsukOWpYTtDT93btz0GIJT55:vSma1dXw7DMWpuV3btoGiD

authentihash 6e04991a401b02014f19d8e2c857b8ed938d81ade02de5f63b1584520faa12cf
imphash 0102dca0640a5c99440dc7ca10bf4f66
File size 120.0 KB ( 122880 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-20 19:30:25 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-20 19:30:25 UTC ( 1 month, 4 weeks ago )
File names v_Jvzoj4_IoDuub.exe
B58I83tw_zjc7.exe
XKMc1_JN8AzZZht.exe
Z_vtgEOMM4w_93R50K1.exe
ASYCFILT.DLL
914.exe
Qqvv_9XHGC.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!