SHA256: 8e0652595b5c7661ce08ef8c986ad31cef38020f80f7afcd500a9acbdd6ae774
File name: 8e0652595b5c7661ce08ef8c986ad31cef38020f80f7afcd500a9acbdd6ae774
Detection ratio: 40 / 69
Analysis date: 2018-10-01 22:29:42 UTC ( 4 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31244049 20181001
AhnLab-V3 Trojan/Win32.Emotet.R238448 20181001
ALYac Trojan.GenericKD.31244049 20181001
Arcabit Trojan.Generic.D1DCBF11 20181001
Avast Win32:Malware-gen 20181001
AVG Win32:Malware-gen 20181001
BitDefender Trojan.GenericKD.31244049 20181001
Bkav HW32.Packed. 20181001
CAT-QuickHeal Trojan.Emotet.X4 20181001
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.bfee13 20180225
Cylance Unsafe 20181001
Cyren W32/Trojan.KTJQ-8613 20181001
Emsisoft Trojan.GenericKD.31244049 (B) 20181001
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GLEY 20181001
F-Secure Trojan.GenericKD.31244049 20181001
Fortinet W32/Kryptik.GLEY!tr 20181001
GData Trojan.GenericKD.31244049 20181001
Ikarus Trojan.Win32.Crypt 20181001
Sophos ML heuristic 20180717
K7AntiVirus Riskware ( 0040eff71 ) 20181001
K7GW Riskware ( 0040eff71 ) 20181001
Kaspersky Trojan-Banker.Win32.Emotet.bfpo 20181001
Malwarebytes Trojan.Emotet.Generic 20181001
McAfee GenericRXGM-JB!883A2E7BFEE1 20181001
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181001
Microsoft Trojan:Win32/Occamy.C 20181001
eScan Trojan.GenericKD.31244049 20181001
Palo Alto Networks (Known Signatures) generic.ml 20181001
Panda Trj/GdSda.A 20181001
Qihoo-360 Win32/Trojan.a7b 20181001
Rising Trojan.Emotet!8.B95 (CLOUD) 20181001
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/Generic-S 20181001
Symantec Trojan.Emotet 20181001
TrendMicro TSPY_EMOTET.THJOAAH 20181001
TrendMicro-HouseCall TSPY_EMOTET.THJOAAH 20181001
VBA32 Malware-Cryptor.Limpopo 20181001
Webroot W32.Trojan.Emotet 20181001
AegisLab 20181001
Alibaba 20180921
Antiy-AVL 20181001
Avast-Mobile 20181001
Avira (no cloud) 20181001
AVware 20180925
Babable 20180918
Baidu 20180930
ClamAV 20181001
CMC 20181001
Comodo 20181001
DrWeb 20181001
eGambit 20181001
F-Prot 20181001
Jiangmin 20181001
Kingsoft 20181001
MAX 20181001
NANO-Antivirus 20181001
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20181001
TACHYON 20181001
Tencent 20181001
TheHacker 20181001
TotalDefense 20181001
Trustlook 20181001
VIPRE 20181001
ViRobot 20181001
Yandex 20180927
Zillya 20181001
ZoneAlarm by Check Point 20180925
Zoner 20180927
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © Microsoft Corp.
Product 3D Windows Controls
Internal name CTL3D32
File version 2.31.000
Description Ctl3D 3D Windows Controls
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-30 05:00:45
Entry Point 0x000186CA
Number of sections 4
PE sections
PE imports
QueryUsersOnEncryptedFile
CryptStringToBinaryA
StrokePath
GetTextExtentExPointI
GetSystemPaletteEntries
GetCommandLineA
HeapCompact
GetModuleHandleA
GetSystemDefaultLCID
FlushFileBuffers
GetSystemTimes
SetFileBandwidthReservation
SysAllocStringByteLen
ToUnicodeEx
DdeQueryConvInfo
GetProcessWindowStation
BeginDeferWindowPos
GetScrollPos
GetUrlCacheEntryInfoExA
OpenPrinterW
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 4294967295
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 2.31.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Ctl3D 3D Windows Controls
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 1454080
EntryPoint 0x186ca
MIMEType application/octet-stream
LegalCopyright Copyright Microsoft Corp.
FileVersion 2.31.000
TimeStamp 2018:09:30 07:00:45+02:00
FileType Win32 EXE
PEType PE32
InternalName CTL3D32
ProductVersion 2,31,0,0
SubsystemVersion 5.0
OSVersion 5.2
FileOS Windows 16-bit
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Microsoft Corporation
CodeSize 100352
ProductName 3D Windows Controls
ProductVersionNumber 2.31.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 883a2e7bfee1348c73b154495f9fcf7d
SHA1 ae9cc7281144a303069d52e488f2f9833b276b30
SHA256 8e0652595b5c7661ce08ef8c986ad31cef38020f80f7afcd500a9acbdd6ae774
ssdeep 3072:9JkRVLX0kGtpr5nIov56gynE21MGaRcsFy8eF:HkRVohbFnpv5XwEyMGSt0v
authentihash 34f767e481a9f1b33d6d00499d815cd50346d7a396bd57dd9ad9acbe7df0a251
imphash 28acf482e80dd306206dc666afcc32f7
File size 104.5 KB ( 107008 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags peexe
VirusTotal metadata
First submission 2018-09-29 22:05:44 UTC ( 4 months, 3 weeks ago )
Last submission 2018-11-16 18:55:20 UTC ( 3 months ago )
File names CTL3D32
NJPJ1X2ZZQXZ08DQ.EXE
cGM4url0Zy.exe
Advanced heuristic and reputation engines