SHA256: 8a35482962fbc4e8ef84189e4c2e5cbb70e266534ec2cc8721402356725058ba
File name: y9ZaTp9oNaGGi.exe
Detection ratio: 44 / 69
Analysis date: 2019-01-01 17:11:40 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKDS.31455971 20190101
ALYac Trojan.Autoruns.GenericKDS.31455971 20190101
Arcabit Trojan.Autoruns.GenericS.D1DFFAE3 20190101
Avast Win32:MalwareX-gen [Trj] 20190101
AVG Win32:MalwareX-gen [Trj] 20190101
Avira (no cloud) TR/AD.Emotet.qmstn 20190101
BitDefender Trojan.Autoruns.GenericKDS.31455971 20190101
CAT-QuickHeal Trojan.Emotet 20190101
Comodo Malware@#1aimlo0qo71q 20190101
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20181022
Cylance Unsafe 20190101
Cyren W32/Agent.ATJ.gen!Eldorado 20190101
Emsisoft Trojan.Autoruns.GenericKDS.31455971 (B) 20190101
ESET-NOD32 a variant of Win32/Kryptik.GOEF 20190101
F-Prot W32/Agent.ATJ.gen!Eldorado 20190101
F-Secure Trojan.Autoruns.GenericKDS.31455971 20190101
Fortinet W32/GenKryptik.CVGD!tr 20190101
GData Trojan.Autoruns.GenericKDS.31455971 20190101
Ikarus Trojan.Win32.Krypt 20190101
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20190101
K7GW Riskware ( 0040eff71 ) 20190101
Kaspersky HEUR:Trojan.Win32.Generic 20190101
Malwarebytes Trojan.Emotet.Generic 20190101
MAX malware (ai score=100) 20190101
McAfee RDN/Generic.grp 20190101
McAfee-GW-Edition BehavesLike.Win32.Emotet.dh 20190101
Microsoft Trojan:Win32/Emotet.AC!bit 20190101
eScan Trojan.Autoruns.GenericKDS.31455971 20190101
Palo Alto Networks (Known Signatures) generic.ml 20190101
Panda Trj/CI.A 20190101
Qihoo-360 Win32/Trojan.2ff 20190101
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20190101
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ANY 20190101
Symantec Trojan.Emotet 20190101
TACHYON Trojan/W32.Agent.306176.ML 20190101
Tencent Win32.Trojan.Autoruns.Gvr 20190101
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.R039C0OLU18 20190101
TrendMicro-HouseCall TROJ_GEN.R039C0OLU18 20190101
VBA32 BScope.Trojan.Emotet 20181229
Webroot W32.Trojan.Emotet 20190101
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20190101
Acronis 20181227
AegisLab 20190101
Alibaba 20180921
Antiy-AVL 20190101
Avast-Mobile 20190101
Babable 20180918
Baidu 20181207
Bkav 20181227
ClamAV 20190101
CMC 20181231
Cybereason 20180225
DrWeb 20190101
eGambit 20190101
Endgame 20181108
Jiangmin 20190101
Kingsoft 20190101
NANO-Antivirus 20190101
SUPERAntiSpyware 20181226
TheHacker 20181230
TotalDefense 20190101
Trustlook 20190101
ViRobot 20190101
Yandex 20181229
Zillya 20181231
Zoner 20190101
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation.
Product Micros
Internal name kbdughr
File version 6.1.7601.17514
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x000163F5
Number of sections 8
PE sections
PE imports
GetColorAdjustment
GetFileSizeEx
FlsFree
Wow64EnableWow64FsRedirection
VerifyScripts
GetModuleHandleW
GetNamedPipeClientSessionId
DestroyMenu
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
CodeSize 93184
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.4.20030.62408
LanguageCode Neutral
FileFlagsMask 0x003f
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 218624
EntryPoint 0x163f5
MIMEType application/octet-stream
LegalCopyright Microsoft Corporation.
FileVersion 6.1.7601.17514
TimeStamp 2004:08:04 09:56:09+02:00
FileType Win32 EXE
PEType PE32
InternalName kbdughr
ProductVersion 1.4: 2003062408
SubsystemVersion 5.0
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Mozilla, Netscape
LegalTrademarks Mozilla, Netscape
ProductName Micros
ProductVersionNumber 1.4.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 07bb0a9b030afefc4d2369f4f8d9ef53
SHA1 0395bec790d53699076255023992abe84342fa20
SHA256 8a35482962fbc4e8ef84189e4c2e5cbb70e266534ec2cc8721402356725058ba
ssdeep 3072:9La/doPNaJxDG5XB25FrrbgH3u5ahY7raJTbQT5mLXQN202:9LaloIJxD+x25FrrbgRY7uJbQT5mra
authentihash 545e99a8e51c72743d3249e8b1474d0594a7fcd555cca9d69d7a2088ae8b97ac
imphash 6f3328eef9acd7b3e1e131dd0f7f5985
File size 299.0 KB ( 306176 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-12-27 23:04:44 UTC ( 1 month, 3 weeks ago )
Last submission 2018-12-27 23:04:44 UTC ( 1 month, 3 weeks ago )
File names 17885536.exe, kbdughr, y9ZaTp9oNaGGi.exe