SHA256: 8bf0eb3e08f64b3337938331736691ec5b4ef08b63de0f8d3631c6f7c8558b93
File name: 8bf0eb3e08f64b3337938331736691ec5b4ef08b63de0f8d3631c6f7c8558b93
Detection ratio: 41 / 69
Analysis date: 2018-12-30 12:28:16 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40864120 20181230
AegisLab Trojan.Win32.Malicious.4!c 20181230
AhnLab-V3 Trojan/Win32.Emotet.R249696 20181230
ALYac Trojan.GenericKD.40864120 20181230
Arcabit Trojan.Generic.D26F8978 20181230
Avira (no cloud) TR/Kryptik.ssyyw 20181229
BitDefender Trojan.GenericKD.40864120 20181230
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cyren W32/Trojan.UMKX-0274 20181230
DrWeb Trojan.Emotet.505 20181230
Emsisoft Trojan.GenericKD.40864120 (B) 20181230
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOBQ 20181230
F-Secure Trojan.GenericKD.40864120 20181230
Fortinet W32/GenKryptik.CUWW!tr 20181230
GData Trojan.GenericKD.40864120 20181230
Ikarus Trojan-Banker.Emotet 20181229
Sophos ML heuristic 20181128
K7AntiVirus Riskware ( 0040eff71 ) 20181230
K7GW Riskware ( 0040eff71 ) 20181230
Kaspersky Trojan-Banker.Win32.Emotet.bwni 20181230
Malwarebytes Trojan.Emotet 20181230
MAX malware (ai score=99) 20181230
McAfee Emotet-FID!B543E866026F 20181230
McAfee-GW-Edition BehavesLike.Win32.Emotet.ch 20181230
Microsoft Trojan:Win32/Ludicrouz.O 20181230
eScan Trojan.GenericKD.40864120 20181230
NANO-Antivirus Trojan.Win32.Emotet.flmala 20181230
Palo Alto Networks (Known Signatures) generic.ml 20181230
Panda Trj/GdSda.A 20181230
Qihoo-360 Win32/Trojan.428 20181230
Rising Trojan.GenKryptik!8.AA55 (TFE:dGZlOgRJIyJY/hEHqQ) 20181230
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ANY 20181230
Symantec Trojan.Emotet 20181229
Tencent Win32.Trojan-banker.Emotet.Pdvn 20181230
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.R004C0PLP18 20181230
VBA32 BScope.Trojan.Emotet 20181229
ViRobot Trojan.Win32.Z.Highconfidence.202752.A 20181230
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bwni 20181230
Acronis 20181227
Alibaba 20180921
Antiy-AVL 20181230
Avast 20181230
Avast-Mobile 20181229
AVG 20181230
Babable 20180918
Baidu 20181207
Bkav 20181227
CAT-QuickHeal 20181229
ClamAV 20181230
CMC 20181229
Comodo 20181230
Cybereason 20180225
eGambit 20181230
F-Prot 20181230
Jiangmin 20181230
Kingsoft 20181230
SUPERAntiSpyware 20181226
Symantec Mobile Insight 20181225
TACHYON 20181230
TheHacker 20181230
TotalDefense 20181230
Trustlook 20181230
VIPRE 20181230
Webroot 20181230
Yandex 20181229
Zillya 20181228
Zoner 20181230
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright (c)1996 AOL/Johnson-Grace Company
Product JGMP
Original name jgmp500.dll
Internal name JGMP
File version 2
Description JG MIDI player DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-08-04 07:56:09
Entry Point 0x00008DF3
Number of sections 4
PE sections
PE imports
RegDeleteKeyA
IsTokenRestricted
RegOpenKeyExW
QueryServiceLockStatusW
DuplicateEncryptionInfoFile
RegCreateKeyExA
LookupAccountNameW
GetWindowsAccountDomainSid
CryptGetDefaultProviderW
OpenBackupEventLogA
ImageList_GetImageCount
ImageList_SetIconSize
CryptSIPAddProvider
CertAddEncodedCertificateToStore
JetIntersectIndexes
PaintRgn
GetColorAdjustment
CopyMetaFileW
EndPath
GetCharacterPlacementA
GetRandomRgn
ImmSetCompositionStringW
ImmReleaseContext
GetIpForwardTable
VirtualUnlock
FlushProcessWriteBuffers
FindCloseChangeNotification
GetWindowsDirectoryW
GlobalReAlloc
FlsFree
ReadDirectoryChangesW
Process32First
GetConsoleCP
GetModuleHandleW
WriteFile
FindNextFileA
GetDynamicTimeZoneInformation
VerifyScripts
GetEnvironmentVariableW
LocalLock
LZSeek
DrawDibGetPalette
VarDateFromBool
VarUI2FromStr
SafeArrayCreateEx
IsPwrHibernateAllowed
RasEnumConnectionsW
RpcMgmtStopServerListening
RpcErrorEndEnumeration
NdrInterfacePointerFree
I_RpcMapWin32Status
SetupPromptForDiskA
SetupFindNextMatchLineW
CMP_WaitNoPendingInstallEvents
SHAddToRecentDocs
PathCompactPathW
PathCreateFromUrlA
SHQueryInfoKeyW
PathRemoveExtensionA
AssocCreate
PathAddBackslashW
StrRChrIA
StrPBrkW
CharToOemW
DlgDirListComboBoxW
SetMenuItemInfoA
SetUserObjectInformationA
MessageBoxA
GetClipboardOwner
CreateWindowStationW
LoadKeyboardLayoutA
GetCaretPos
LockSetForegroundWindow
GetMenuContextHelpId
HttpOpenRequestA
HttpQueryInfoA
midiOutMessage
CryptCATPersistStore
WintrustRemoveActionID
g_rgSCardRawPci
Ord(30)
iswalpha
towupper
OleDoAutoConvert
RegisterDragDrop
OleSetClipboard
CreateAntiMoniker
PdhCloseQuery
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 7.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 5010.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription JG MIDI player DLL
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 62976
EntryPoint 0x8df3
OriginalFileName jgmp500.dll
MIMEType application/octet-stream
LegalCopyright (c)1996 AOL/Johnson-Grace Company
FileVersion 2
TimeStamp 2004:08:04 08:56:09+01:00
FileType Win32 EXE
PEType PE32
InternalName JGMP
ProductVersion 2
SubsystemVersion 5.1
OSVersion 5.0
FileOS Windows 16-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Johnson-Grace Company
CodeSize 45568
ProductName JGMP
ProductVersionNumber 5010.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 b543e866026f6d53a6a32eb3ef3938e2
SHA1 e74e9e4d9c6cec69177632323ac68b74490f6b9a
SHA256 8bf0eb3e08f64b3337938331736691ec5b4ef08b63de0f8d3631c6f7c8558b93
ssdeep 3072:YL/4BN6VQW7aQgLXHHNw+GSVm6iEWjJ3h2A:Y74BN6AQgr5Vm6GF
authentihash 3171cf516504b5460f2d0864961c5ce3ad0e0b9241c24b82d5fb83f66d1081ed
imphash ce47544e01b20f408d8560106e8d63ea
File size 198.0 KB ( 202752 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2018-12-23 08:07:20 UTC ( 2 months ago )
Last submission 2018-12-23 08:07:20 UTC ( 2 months ago )
File names jgmp500.dll
JGMP