× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 87fc0dee854353956b960abb4b33c41a6fb6891771b6ef802c76c21ec90d5560
File name: 87fc0dee854353956b960abb4b33c41a6fb6891771b6ef802c76c21ec90d5560
Detection ratio: 11 / 64
Analysis date: 2018-11-13 02:11:20 UTC ( 3 months ago ) View latest
Antivirus Result Update
Avast FileRepMalware 20181113
AVG FileRepMalware 20181113
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181108
Microsoft Trojan:Win32/Emotet.AC!bit 20181113
NANO-Antivirus Virus.Win32.Gen.ccmw 20181113
Palo Alto Networks (Known Signatures) generic.ml 20181113
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181112
Webroot W32.Trojan.Emotet 20181113
Ad-Aware 20181112
AegisLab 20181113
AhnLab-V3 20181112
Alibaba 20180921
ALYac 20181113
Antiy-AVL 20181113
Arcabit 20181112
Avast-Mobile 20181112
Avira (no cloud) 20181113
Babable 20180918
Baidu 20181112
BitDefender 20181112
Bkav 20181110
CAT-QuickHeal 20181112
ClamAV 20181112
CMC 20181112
Cybereason 20180225
Cyren 20181113
DrWeb 20181112
Emsisoft 20181112
ESET-NOD32 20181113
F-Prot 20181113
F-Secure 20181112
Fortinet 20181113
GData 20181112
Ikarus 20181112
Jiangmin 20181112
K7AntiVirus 20181112
K7GW 20181112
Kaspersky 20181112
Kingsoft 20181113
Malwarebytes 20181113
MAX 20181113
McAfee 20181113
McAfee-GW-Edition 20181112
eScan 20181113
Panda 20181112
Qihoo-360 20181113
Rising 20181113
Sophos AV 20181112
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181108
TACHYON 20181113
Tencent 20181113
TheHacker 20181108
TrendMicro 20181112
TrendMicro-HouseCall 20181113
Trustlook 20181113
VBA32 20181112
ViRobot 20181112
Yandex 20181112
Zillya 20181112
ZoneAlarm by Check Point 20181113
Zoner 20181113
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1995-2001 Microsoft Corp. All rights reserved.

Product Microsoft ActiveSync
Original name CEUTIL.DLL
Internal name Ceutil
File version 3.5.0.1176
Description Registry Utility Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-13 01:36:19
Entry Point 0x0000DB52
Number of sections 6
PE sections
PE imports
SetTextJustification
StrokePath
FlattenPath
FlsFree
GetModuleHandleA
GetTempPathA
GlobalFindAtomW
DdeFreeStringHandle
CallMsgFilterA
SetRect
DrawTextA
TranslateAcceleratorA
FindFirstPrinterChangeNotification
memset
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize
58368

SubsystemVersion
5.0

LinkerVersion
6.0

ImageVersion
0.1

FileSubtype
0

FileVersionNumber
3.5.0.1176

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Registry Utility Library

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
379904

PrivateBuild
Development Build

EntryPoint
0xdb52

OriginalFileName
CEUTIL.DLL

MIMEType
application/octet-stream

LegalCopyright
Copyright 1995-2001 Microsoft Corp. All rights reserved.

FileVersion
3.5.0.1176

TimeStamp
2018:11:13 02:36:19+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Ceutil

ProductVersion
3.5.1176

UninitializedDataSize
4294963199

OSVersion
5.0

FileOS
Unknown (0)

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Microsoft Corporation

LegalTrademarks
Microsoft and Windows are registered trademarks of Microsoft Corporation.

ProductName
Microsoft ActiveSync

ProductVersionNumber
3.5.0.1176

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 8c1ea2639010f4e67fb494c2b93b61ad
SHA1 53d3d2a52c149befbd3b3818630cb17ae06535de
SHA256 87fc0dee854353956b960abb4b33c41a6fb6891771b6ef802c76c21ec90d5560
ssdeep
3072:qd+mYuAH0TcsLdgEl5usAxFmHc6boWUiXm3P+Xwu9+jRnH1qi3CdV9yzv1YT:qptASSwPHQxCmfrLxV6me

authentihash 19e55cffd433c30df8d581e74b086a7ec63391ac5f73b459118ff5fbcff91f4b
imphash b3e8aea8a3e0e80b036c1368bf041a2b
File size 420.5 KB ( 430592 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-13 01:41:30 UTC ( 3 months ago )
Last submission 2018-11-13 01:41:30 UTC ( 3 months ago )
File names f8dlGYfv.exe
accessusbccid.exe
usbccidwebcam.exe
knownenglish.exe
CEUTIL.DLL
HzjbBv2O94.exe
accessusbccid.exe
Z9t6pJShlu.exe
usbccidwebcam.exe
L9xekSf7CjK.exe
engnrestart.exe
Ceutil
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!