SHA256: 8b67d23662c5d1d4b5a27154e074c55c02cd2ea32de7db276ec15e38e344c1a3
File name: 29746336.exe
Detection ratio: 36 / 66
Analysis date: 2018-10-13 01:59:57 UTC ( 4 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.Autoruns.GenericKD.31277812 20181012
AhnLab-V3 Trojan/Win32.Emotet.C2753534 20181012
Arcabit Trojan.Autoruns.Generic.D1DD42F4 20181013
Avast FileRepMalware 20181013
AVG FileRepMalware 20181013
BitDefender Trojan.Autoruns.GenericKD.31277812 20181013
CAT-QuickHeal Trojan.Emotet.X4 20181011
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20180723
Cylance Unsafe 20181013
Cyren W32/Trojan.PWXK-5095 20181013
Emsisoft Trojan.Autoruns.GenericKD.31277812 (B) 20181013
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLOJ 20181012
F-Secure Trojan.Autoruns.GenericKD.31277812 20181012
Fortinet W32/Kryptik.GLNM!tr 20181013
GData Trojan.Autoruns.GenericKD.31277812 20181013
Sophos ML heuristic 20180717
Jiangmin Trojan.Banker.Emotet.dgb 20181012
K7GW Trojan ( 0053eaa91 ) 20181012
Kaspersky Trojan-Banker.Win32.Emotet.bhwi 20181012
Malwarebytes Trojan.Emotet 20181013
MAX malware (ai score=100) 20181013
McAfee Emotet-FJN!3DBDE14C5C81 20181012
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.ft 20181013
Microsoft Trojan:Win32/Fuerboos.C!cl 20181013
eScan Trojan.Autoruns.GenericKD.31277812 20181012
Palo Alto Networks (Known Signatures) generic.ml 20181013
Panda Trj/Genetic.gen 20181012
Qihoo-360 HEUR/QVM20.1.7251.Malware.Gen 20181013
Rising Trojan.Azden!8.F0E3 (TFE:2:RxzpuTvlpMD) 20181012
Sophos AV Mal/Generic-S 20181012
Symantec Trojan.Emotet 20181012
TACHYON Banker/W32.Emotet.346624.D 20181013
Tencent Win32.Trojan-banker.Emotet.Lnyr 20181013
Webroot W32.Trojan.Emotet 20181013
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bhwi 20181013
AegisLab 20181013
Alibaba 20180921
ALYac 20181013
Antiy-AVL 20181013
Avast-Mobile 20181012
Avira (no cloud) 20181012
Babable 20180918
Baidu 20181012
Bkav 20181011
ClamAV 20181012
CMC 20181012
Comodo 20181012
Cybereason 20180225
DrWeb 20181013
eGambit 20181013
F-Prot 20181013
K7AntiVirus 20181012
Kingsoft 20181013
NANO-Antivirus 20181012
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181013
Symantec Mobile Insight 20181001
TheHacker 20181011
TotalDefense 20181012
TrendMicro 20181010
TrendMicro-HouseCall 20181010
Trustlook 20181013
VBA32 20181012
ViRobot 20181012
Yandex 20181012
Zillya 20181012
Zoner 20181012
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-04-28 14:30:48
Entry Point 0x00052ED1
Number of sections 5
PE sections
PE imports
ImpersonateNamedPipeClient
GetCharWidthA
ModifyWorldTransform
GdiSetBatchLimit
GetTickCount64
GetDateFormatA
GetModuleHandleA
TerminateProcess
WritePrivateProfileStringW
GetScrollRange
GetUpdateRect
DrawFocusRect
Number of PE resources by type
RT_DIALOG 2
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2004:04:28 16:30:48+02:00
FileType Win32 EXE
PEType PE32
CodeSize 339968
LinkerVersion 12.1
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x52ed1
InitializedDataSize 11776
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 4.2
UninitializedDataSize 4294967295

File identification
MD5 3dbde14c5c81350239274502f4f6a243
SHA1 bf024ab3591539e03be8dfc7239bf845217887b9
SHA256 8b67d23662c5d1d4b5a27154e074c55c02cd2ea32de7db276ec15e38e344c1a3
ssdeep 3072:8D+MxN8dfOH6TBiL3a75eJuUR9nK0YKEz2JHamGeprFUQ:8DaTE3a75ecUvK0FZJH3GeRGQ
authentihash 317dee0e37cf807bbe01fc05553c9bee40add571bb2effa5c32b7ed52fd67437
imphash 72153d0470e45f7baab8fd4def1330dc
File size 338.5 KB ( 346624 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-10-11 04:55:48 UTC ( 4 months, 1 week ago )
Last submission 2018-10-18 21:58:59 UTC ( 4 months ago )
File names 5102C4E1.exe
layouthei.exe
horzpages.exe
29746336.exe