× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 935cb5922e5ad0efa8bc381e5b136eb8aa57deabb83d6fcc75a693964cafd322
File name: TINYSHARED.EXE
Detection ratio: 34 / 67
Analysis date: 2018-06-16 06:56:16 UTC ( 8 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30977156 20180616
AegisLab Ml.Attribute.Gen!c 20180616
AhnLab-V3 Trojan/Win32.Emotet.R230194 20180615
Antiy-AVL Trojan/Win32.Dovs 20180616
Arcabit Trojan.Generic.D1D8AC84 20180616
Avast Win32:Malware-gen 20180616
AVG Win32:Malware-gen 20180616
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180615
BitDefender Trojan.GenericKD.30977156 20180616
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20180530
Cylance Unsafe 20180616
Cyren W32/Emotet.WKXA-3630 20180616
Emsisoft Trojan.GenericKD.30977156 (B) 20180616
Endgame malicious (high confidence) 20180612
ESET-NOD32 a variant of Win32/Kryptik.GHTT 20180616
F-Prot W32/Emotet.RO 20180616
F-Secure Trojan.GenericKD.30977156 20180616
Fortinet W32/Kryptik.GHTT!tr 20180616
GData Trojan.GenericKD.30977156 20180616
Sophos ML heuristic 20180601
K7GW Trojan ( 0053483e1 ) 20180616
Kaspersky Trojan.Win32.Dovs.osy 20180616
MAX malware (ai score=94) 20180616
McAfee Artemis!03CF9BBF5D8E 20180616
McAfee-GW-Edition BehavesLike.Win32.Dropper.fm 20180616
Palo Alto Networks (Known Signatures) generic.ml 20180616
Panda Trj/GdSda.A 20180615
Sophos AV Mal/EncPk-ANR 20180616
Symantec ML.Attribute.HighConfidence 20180615
TACHYON Trojan/W32.Agent.330752.IH 20180616
TrendMicro-HouseCall Suspicious_GEN.F47V0615 20180616
VBA32 BScope.Malware-Cryptor.Win32.Cb 20180615
Webroot W32.Trojan.Emotet 20180616
ZoneAlarm by Check Point Trojan.Win32.Dovs.osy 20180616
Alibaba 20180615
ALYac 20180616
Avast-Mobile 20180616
Avira (no cloud) 20180615
AVware 20180616
Babable 20180406
Bkav 20180616
CAT-QuickHeal 20180615
ClamAV 20180615
CMC 20180615
Comodo 20180616
Cybereason 20180225
DrWeb 20180616
eGambit 20180616
Jiangmin 20180616
K7AntiVirus 20180616
Kingsoft 20180616
Malwarebytes 20180616
Microsoft 20180616
eScan 20180616
NANO-Antivirus 20180616
Qihoo-360 20180616
Rising 20180616
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180616
Symantec Mobile Insight 20180614
Tencent 20180616
TheHacker 20180613
TotalDefense 20180616
TrendMicro 20180616
Trustlook 20180616
VIPRE 20180616
ViRobot 20180616
Yandex 20180615
Zillya 20180615
Zoner 20180615
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-15 14:20:12
Entry Point 0x0000100F
Number of sections 6
PE sections
PE imports
ReadEventLogA
GetFileSecurityW
RegCloseKey
DuplicateToken
AddAuditAccessAceEx
LogonUserA
CertGetSubjectCertificateFromStore
CryptMemRealloc
CryptSIPLoad
CertNameToStrA
ExtSelectClipRgn
SetDCPenColor
ModifyWorldTransform
AddFontResourceA
GetTextCharset
GetNetworkParams
EnterCriticalSection
EnumSystemLocalesW
GetTempPathW
GetModuleFileNameA
FlsFree
GetBinaryTypeA
GetActiveObject
VarBstrFromBool
UnRegisterTypeLib
glBegin
glMultMatrixd
RasGetConnectStatusA
RasGetProjectionInfoA
PathSetDlgItemPathW
wsprintfA
GetMessagePos
TrackPopupMenu
CharLowerBuffW
GetInputState
GetDialogBaseUnits
DialogBoxParamW
GetMessageExtraInfo
MessageBeep
DrawCaption
FindNextPrinterChangeNotification
WSACleanup
SCardLocateCardsW
OleCreateStaticFromData
CLSIDFromString
OleCreateFromData
Number of PE resources by type
RT_DIALOG 21
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
HEBREW DEFAULT 1
HUNGARIAN DEFAULT 1
VIETNAMESE DEFAULT 1
CHINESE SIMPLIFIED 1
SLOVENIAN DEFAULT 1
CZECH DEFAULT 1
FINNISH DEFAULT 1
KOREAN 1
NEUTRAL DEFAULT 1
PORTUGUESE 1
POLISH DEFAULT 1
JAPANESE DEFAULT 1
DANISH DEFAULT 1
SLOVAK DEFAULT 1
GREEK DEFAULT 1
TURKISH DEFAULT 1
ROMANIAN 1
THAI DEFAULT 1
SERBIAN DEFAULT 1
NEUTRAL 1
RUSSIAN 1
PE resources
Debug information
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2018:06:15 15:20:12+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
0

LinkerVersion
12.0

Warning
Possibly corrupt Version resource

FileTypeExtension
exe

InitializedDataSize
233472

SubsystemVersion
5.0

EntryPoint
0x100f

OSVersion
5.0

ImageVersion
0.0

UninitializedDataSize
0

Compressed bundles
File identification
MD5 03cf9bbf5d8e9b7b8b9b21acf5831632
SHA1 b632007eafeda552b0fea184e7ceb8c5465e4d16
SHA256 935cb5922e5ad0efa8bc381e5b136eb8aa57deabb83d6fcc75a693964cafd322
ssdeep
1536:+3yUZBLOIphpt9d5JQge9ip2nAqSCCr/zAyaRgi9:CJZ/9d5JQzcQvNurAJRgi

authentihash af3cefbf68bf996ecd624044ddc49dfd1bd09bce55b9dda5a5c86ab58a8345d0
imphash 1386b6fc3553102cdecf197224a60340
File size 323.0 KB ( 330752 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-06-15 12:19:12 UTC ( 8 months, 1 week ago )
Last submission 2018-06-15 12:19:12 UTC ( 8 months, 1 week ago )
File names TINYSHARED.EXE
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!