SHA256: 8e4eace428bed8db888330f51d208180e1fd088c08298cfccec18f9604af0a3e
File name: 8e4eace428bed8db888330f51d208180e1fd088c08298cfccec18f9604af0a3e
Detection ratio: 16 / 70
Analysis date: 2018-12-19 16:42:53 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
Acronis malware 20180726
Bkav HW32.Packed. 20181219
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.acb3a8 20180225
Cylance Unsafe 20181219
eGambit Unsafe.AI_Score_99% 20181219
Endgame malicious (high confidence) 20181108
Sophos ML heuristic 20181128
McAfee Emotet-FJX!14715A7A35DF 20181219
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181219
Microsoft Trojan:Win32/Fuerboos.A!cl 20181219
Qihoo-360 HEUR/QVM20.1.F927.Malware.Gen 20181219
Rising Malware.Heuristic!ET#98% (RDM+:cmRtazoKZBf07S318TYVLsV5UMNm) 20181219
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181219
Trapmine malicious.high.ml.score 20181205
Ad-Aware 20181219
AegisLab 20181219
AhnLab-V3 20181219
Alibaba 20180921
ALYac 20181219
Antiy-AVL 20181219
Arcabit 20181219
Avast 20181219
Avast-Mobile 20181219
AVG 20181219
Avira (no cloud) 20181219
Babable 20180918
Baidu 20181207
BitDefender 20181219
CAT-QuickHeal 20181219
ClamAV 20181219
CMC 20181218
Comodo 20181219
Cyren 20181219
DrWeb 20181219
Emsisoft 20181219
ESET-NOD32 20181219
F-Prot 20181219
F-Secure 20181219
Fortinet 20181219
GData 20181219
Ikarus 20181219
Jiangmin 20181219
K7AntiVirus 20181219
K7GW 20181219
Kaspersky 20181219
Kingsoft 20181219
Malwarebytes 20181219
MAX 20181219
eScan 20181219
NANO-Antivirus 20181219
Palo Alto Networks (Known Signatures) 20181219
Panda 20181219
Sophos AV 20181219
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181215
TACHYON 20181219
Tencent 20181219
TheHacker 20181216
TotalDefense 20181219
TrendMicro 20181219
TrendMicro-HouseCall 20181219
Trustlook 20181219
VBA32 20181219
ViRobot 20181219
Webroot 20181219
Yandex 20181219
Zillya 20181219
ZoneAlarm by Check Point 20181219
Zoner 20181219
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft
Product Microsoft®
Original name kbdth3.dll
Internal name TCPSVCS.EXE
Description TCP/IP Services Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-07-18 02:23:20
Entry Point 0x00002B00
Number of sections 9
PE sections
PE imports
RemoveUsersFromEncryptedFile
GetSecurityDescriptorRMControl
OffsetClipRgn
GetEnvironmentStrings
GetNamedPipeServerProcessId
GetThreadLocale
GetThreadTimes
GlobalMemoryStatusEx
GetBinaryTypeA
GetCurrentThread
Ord(29)
DlgDirListW
GetLastInputInfo
SendMessageA
GetMenuContextHelpId
CopyIcon
GetKeyState
g_rgSCardT1Pci
memmove
OleFlushClipboard
Number of PE resources by type
RT_BITMAP 1
RT_VERSION 1
Number of PE resources by language
JAPANESE DEFAULT 2
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2002:07:18 03:23:20+01:00
FileType Win32 EXE
PEType PE32
CodeSize 135168
LinkerVersion 2.0
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x2b00
InitializedDataSize 0
SubsystemVersion 5.0
ImageVersion 5.1
OSVersion 6.0
UninitializedDataSize 0
File identification
MD5 14715a7a35df798d2169ccb2c30c4534
SHA1 4dd46feacb3a8c10a7ab1d478fa85887da13923e
SHA256 8e4eace428bed8db888330f51d208180e1fd088c08298cfccec18f9604af0a3e
ssdeep 1536:hLRlKDfSy0U+u87yox7+onFPi4m95fgyaFuM4y8JksiSvxPK:pQFMbx7+onFP05flSYfvpPK
authentihash 8360815fac3d6555f38b06a9453b440ab0548a138a3fa988e03799c4234072c7
imphash a280420139e53f7e69b9757348a1b496
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-12-19 16:42:53 UTC ( 1 month, 4 weeks ago )
Last submission 2019-01-16 11:07:15 UTC ( 1 month ago )
File names 8hyPxBywv7k.exe
5MFF25be.exe
99Ov7qvh8o.exe
ymMa7ZlW.exe
14715a7a35df798d2169ccb2c30c4534_exe
kbdth3.dll
XFV7Mziqv6l.exe
TCPSVCS.EXE
4Lyot05Z.exe