× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8ffcab992d70cd0f9cd98916415724dbaffc1151b64856224870479a8eef32d1
File name: a3Zk.exe
Detection ratio: 26 / 67
Analysis date: 2018-07-20 06:45:03 UTC ( 7 months ago ) View latest
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20180720
Avast Win32:Malware-gen 20180720
AVG Win32:Malware-gen 20180720
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180717
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cybereason malicious.8a0910 20180225
Cylance Unsafe 20180720
Cyren W32/Trojan.BZFF-9013 20180720
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/GenKryptik.CFSD 20180720
Fortinet W32/GenKryptik.CFNI!tr 20180720
GData Win32.Trojan-Spy.Emotet.PEG6VC 20180720
Sophos ML heuristic 20180717
K7GW Trojan ( 005384971 ) 20180720
Kaspersky Trojan-Banker.Win32.Emotet.aykc 20180720
Microsoft Trojan:Win32/Emotet.AC!bit 20180720
Palo Alto Networks (Known Signatures) generic.ml 20180720
Qihoo-360 HEUR/QVM20.1.9DB1.Malware.Gen 20180720
Rising Trojan.Emotet!8.B95 (CLOUD) 20180720
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/EncPk-ANX 20180720
Symantec ML.Attribute.HighConfidence 20180720
TrendMicro TROJ_GEN.USGJ18 20180720
TrendMicro-HouseCall TROJ_GEN.USGJ18 20180720
Webroot W32.Trojan.Emotet 20180720
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.aykc 20180720
Ad-Aware 20180720
AhnLab-V3 20180720
Alibaba 20180713
ALYac 20180720
Antiy-AVL 20180720
Arcabit 20180720
Avast-Mobile 20180720
Avira (no cloud) 20180719
AVware 20180720
Babable 20180406
BitDefender 20180720
Bkav 20180719
CAT-QuickHeal 20180719
ClamAV 20180720
CMC 20180719
Comodo 20180720
DrWeb 20180720
eGambit 20180720
Emsisoft 20180720
F-Prot 20180720
F-Secure 20180720
Jiangmin 20180720
K7AntiVirus 20180720
Kingsoft 20180720
Malwarebytes 20180720
MAX 20180720
McAfee 20180720
McAfee-GW-Edition 20180720
eScan 20180720
NANO-Antivirus 20180720
Panda 20180719
SUPERAntiSpyware 20180720
TACHYON 20180719
Tencent 20180720
TheHacker 20180720
TotalDefense 20180719
Trustlook 20180720
VBA32 20180719
VIPRE 20180720
ViRobot 20180720
Yandex 20180717
Zillya 20180719
Zoner 20180719
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-09-30 17:12:08
Entry Point 0x00001702
Number of sections 7
PE sections
PE imports
SetThreadLocale
GetSystemTimeAdjustment
GetCurrentProcess
GlobalMemoryStatus
QueryProcessCycleTime
SetSystemFileCacheSize
GetStringTypeA
LocalSize
GetProcessIdOfThread
GetCommTimeouts
GetCommandLineA
GetSystemInfo
GetSystemMetrics
ChildWindowFromPoint
GetMenuCheckMarkDimensions
GetClipboardOwner
GetShellWindow
GetSysColor
Number of PE resources by type
RT_STRING 16
RT_BITMAP 15
RT_DIALOG 1
Number of PE resources by language
NEUTRAL 31
CHINESE SIMPLIFIED 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
exe

TimeStamp
2009:09:30 18:12:08+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
10240

LinkerVersion
14.0

ImageFileCharacteristics
Executable, 32-bit

EntryPoint
0x1702

InitializedDataSize
275968

SubsystemVersion
5.1

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

File identification
MD5 f74668e4e7bb47d61fbd3fd066d14adb
SHA1 97e5b4d8a0910f43ab032a54ed437dd16f0216fe
SHA256 8ffcab992d70cd0f9cd98916415724dbaffc1151b64856224870479a8eef32d1
ssdeep
3072:nZR7SuZXPSUum0VxqC+aeRaJd9WRjGs9uJzGgfbm920h:nZR7Su9PxVCLeA/CSh1fE

authentihash b6e27d07f13d54f6d066b6941a1572f94f5a30e18d7690269eedf57c8d0bf7e4
imphash eb753a9b653c085958e6a1b9b39c7c17
File size 276.5 KB ( 283136 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-19 15:23:33 UTC ( 7 months ago )
Last submission 2018-07-19 15:23:33 UTC ( 7 months ago )
File names a3Zk.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!