SHA256: 8dd46fdaab561cb6ecb40f10d4ba55a650440da81ff05f78a60aeeddbe98eccf
File name: qEYTEx4Q4GgX.exe
Detection ratio: 43 / 71
Analysis date: 2019-01-03 16:36:26 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40894998 20190103
AhnLab-V3 Trojan/Win32.Emotet.R250466 20190103
ALYac Trojan.GenericKD.40894998 20190103
Arcabit Trojan.Generic.D2700216 20190103
Avast Win32:Trojan-gen 20190103
AVG Win32:Trojan-gen 20190103
BitDefender Trojan.GenericKD.40894998 20190103
Comodo TrojWare.Win32.Trojan.XPack.~gen1@1rwlif 20190103
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20190103
Cyren W32/Trojan.DFBV-3572 20190103
eGambit Unsafe.AI_Score_56% 20190103
Emsisoft Trojan.GenericKD.40894998 (B) 20190103
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GOFN 20190103
F-Secure Trojan.GenericKD.40894998 20190103
Fortinet W32/GenKryptik.CVLD!tr 20190103
GData Trojan.GenericKD.40894998 20190103
Ikarus Trojan.Win32.Crypt 20190103
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 00544bd41 ) 20190103
K7GW Trojan ( 00544bd41 ) 20190103
Kaspersky Trojan-Banker.Win32.Emotet.bxnr 20190103
Malwarebytes Trojan.Emotet 20190103
MAX malware (ai score=99) 20190103
McAfee RDN/Generic.grp 20190103
McAfee-GW-Edition RDN/Generic.grp 20190103
Microsoft Trojan:Win32/Emotet.AC!bit 20190103
eScan Trojan.GenericKD.40894998 20190103
NANO-Antivirus Trojan.Win32.Emotet.flsiwu 20190103
Palo Alto Networks (Known Signatures) generic.ml 20190103
Panda Trj/GdSda.A 20190102
Qihoo-360 Win32/Trojan.13b 20190103
Rising Trojan.Kryptik!8.8 (CLOUD) 20190103
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Mal/EncPk-ANY 20190103
Symantec Trojan.Emotet 20190103
Tencent Win32.Trojan-banker.Emotet.Lkdi 20190103
Trapmine malicious.high.ml.score 20190103
TrendMicro TROJ_GEN.R011C0OA219 20190103
TrendMicro-HouseCall TROJ_GEN.R011C0OA219 20190103
Webroot W32.Trojan.Emotet 20190103
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bxnr 20190103
Acronis 20181227
AegisLab 20190103
Alibaba 20180921
Antiy-AVL 20190103
Avast-Mobile 20190103
Avira (no cloud) 20190103
Babable 20180918
Baidu 20190102
Bkav 20190103
CAT-QuickHeal 20190103
ClamAV 20190103
CMC 20190102
Cybereason 20180225
DrWeb 20190103
F-Prot 20190103
Jiangmin 20190103
Kingsoft 20190103
SUPERAntiSpyware 20190102
TACHYON 20190103
TheHacker 20181230
TotalDefense 20190103
Trustlook 20190103
VBA32 20181229
VIPRE 20190103
ViRobot 20190103
Yandex 20181229
Zillya 20190103
Zoner 20190103
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © Sonic Solutions

File version 1.00.51a
Description VVBBBck
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-12-31 05:00:07
Entry Point 0x00007C71
Number of sections 5
PE sections
PE imports
IsValidAcl
GetUserNameW
EnumServicesStatusExW
FreeEncryptionCertificateHashList
GetSecurityDescriptorControl
IsTokenRestricted
EqualDomainSid
FindFirstFreeAce
GetSecurityDescriptorSacl
GetOldestEventLogRecord
GetSecurityDescriptorOwner
LogonUserExW
LookupPrivilegeNameA
LookupAccountSidA
GetCurrentHwProfileW
GetSecurityDescriptorLength
GetFileTitleA
GetSaveFileNameW
GetOpenFileNameW
GetWindowExtEx
GetSystemPaletteEntries
GetBkMode
GetWorldTransform
GetPaletteEntries
DeleteEnhMetaFile
GetDeviceGammaRamp
GetObjectA
DeleteDC
LineDDA
GetTextExtentExPointI
GetTextExtentExPointW
GetMetaFileA
DeleteColorSpace
GetPath
ExtTextOutA
ExtSelectClipRgn
ExtEscape
GetClipRgn
GetStretchBltMode
GetFontData
GetCharWidth32A
GetBkColor
GetVolumePathNameW
GetStdHandle
FileTimeToDosDateTime
GetConsoleOutputCP
FileTimeToSystemTime
GetFileAttributesA
GetDriveTypeA
GetPrivateProfileSectionNamesW
EnumUILanguagesW
GetLocalTime
FreeEnvironmentStringsA
GetLocaleInfoA
LocalAlloc
GetConsoleCursorInfo
GetLogicalDrives
VirtualLock
lstrcatW
FindResourceExA
FillConsoleOutputCharacterA
GetStringTypeA
WritePrivateProfileStructA
GetSystemTimeAsFileTime
GetThreadPriority
LoadResource
GlobalCompact
GlobalHandle
FindClose
WriteProcessMemory
GetLargestConsoleWindowSize
DeleteTimerQueueEx
FindNextVolumeW
GetProfileSectionW
GetPrivateProfileStructW
DeleteTimerQueueTimer
WriteProfileStringW
GetTapeParameters
LocalFlags
GetConsoleDisplayMode
GetVolumeNameForVolumeMountPointW
ExitThread
DecodePointer
FindAtomW
DebugActiveProcess
LocalFileTimeToFileTime
FindAtomA
GetVersion
lstrcmpiA
GetSystemDirectoryA
GetStartupInfoA
GetWindowsDirectoryW
GetFileSize
FindActCtxSectionGuid
GetPrivateProfileIntW
GetComputerNameExA
ExpandEnvironmentStringsW
FreeConsole
FindVolumeMountPointClose
FindNextFileA
GetDiskFreeSpaceExA
lstrcmpW
FindFirstFileExW
ExpandEnvironmentStringsA
GetBinaryTypeA
EscapeCommFunction
GetPrivateProfileSectionA
LocalUnlock
GetShortPathNameW
GetSystemInfo
GetSystemWindowsDirectoryW
GetThreadLocale
GetTempPathA
GetUserGeoID
lstrlenW
GetShortPathNameA
GetQueuedCompletionStatus
FileTimeToLocalFileTime
GetCurrentDirectoryW
GetCommandLineW
GetCurrentDirectoryA
GetCurrentActCtx
GetCommandLineA
FlsFree
VirtualUnlock
EnumSystemCodePagesA
GetCurrentThreadId
QueryIdleProcessorCycleTime
GetComputerNameExW
GetFileAttributesExA
GetProcessVersion
LoadTypeLib
GetRecordInfoFromTypeInfo
LoadTypeLibEx
ExtractAssociatedIconA
FindExecutableW
FindExecutableA
GetMenuPosFromID
GetUserNameExW
InitializeSecurityContextA
GetComputerObjectNameW
DeleteSecurityContext
GetMessageA
GetForegroundWindow
DrawTextA
InsertMenuItemW
GetPropW
LoadBitmapW
EnumWindows
DefMDIChildProcW
FindWindowW
GetShellWindow
GetClassInfoExA
DefWindowProcA
FindWindowA
GetPropA
LoadMenuW
GetRawInputDeviceInfoW
GetSysColorBrush
GetSystemMetrics
IsWindow
DrawFrameControl
MessageBoxIndirectA
DialogBoxParamW
DialogBoxParamA
GetClassWord
MessageBoxW
LoadAcceleratorsA
InsertMenuW
DefFrameProcW
GetClassLongW
GetMenuContextHelpId
IsWindowVisible
GetRawInputData
DefFrameProcA
GetMessageTime
GetClientRect
GetMenuCheckMarkDimensions
GetWindowInfo
GetLastInputInfo
InsertMenuA
DrawFocusRect
FindWindowExA
GetMenuDefaultItem
GetKeyboardLayout
GetMenuItemCount
DefDlgProcA
EnumThreadWindows
GetDesktopWindow
GetDialogBaseUnits
GetFocus
LoadAcceleratorsW
GetWindowRgnBox
InvalidateRgn
DeregisterShellHookWindow
FindNextUrlCacheEntryW
GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoExA
FindFirstUrlCacheEntryW
FindFirstPrinterChangeNotification
FindClosePrinterChangeNotification
DeletePrinterDriverW
GetPrinterW
GetStandardColorSpaceProfileW
vprintf
fputws
strcspn
strtod
fwrite
localeconv
system
free
_time64
fprintf
strtoul
strstr
strcoll
tolower
MkParseDisplayNameEx
IsValidURL
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.0
FileVersionNumber 1.0.51.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription VVBBBck
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 192512
EntryPoint 0x7c71
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 1.00.51a
TimeStamp 2018:12:30 21:00:07-08:00
FileType Win32 EXE
PEType PE32
SubsystemVersion 5.0
OSVersion 5.1
FileOS Win32
LegalCopyright Copyright Sonic Solutions
MachineType Intel 386 or later, and compatibles
CompanyName Sonic Solutions
CodeSize 178176
FileSubtype 0
ProductVersionNumber 1.0.0.1
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 a4360802cc29332d8ea6eb2b0451e452
SHA1 ee040c8905e7512290aa6db883c9f3286bc2944b
SHA256 8dd46fdaab561cb6ecb40f10d4ba55a650440da81ff05f78a60aeeddbe98eccf
ssdeep 3072:Ji9yPca4DQAR5ZegqKnsy3iT2R+1nVEk2fl9nRu8v1:Jida4Dn5egqv52R+1nV92rnRu8
authentihash ab91ef7c12f7bbe3330af60443eb1ef017b012569c7d7df464975fc511015648
imphash a77a037eed9dc1aa5df30537669097ac
File size 548.0 KB ( 561152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-31 05:04:35 UTC ( 1 month, 3 weeks ago )
Last submission 2018-12-31 05:04:35 UTC ( 1 month, 3 weeks ago )
File names qEYTEx4Q4GgX.exe
Advanced heuristic and reputation engines