SHA256: 95db12fa7f599f53cdcf342761a31de06d2f8c2af147887210a491c02af171ea
File name: 59362.exe
Detection ratio: 54 / 69
Analysis date: 2019-02-18 00:38:33 UTC ( 1 day, 8 hours ago )
Antivirus Result Update
Acronis suspicious 20190213
Ad-Aware Trojan.GenericKD.31012816 20190218
AhnLab-V3 Win-Trojan/Emotet.Exp 20190217
ALYac Trojan.Agent.Emotet 20190217
Antiy-AVL Trojan[Banker]/Win32.Emotet 20190217
Arcabit Trojan.Generic.D1D937D0 20190218
Avast Win32:BankerX-gen [Trj] 20190218
AVG Win32:BankerX-gen [Trj] 20190218
Avira (no cloud) HEUR/AGEN.1033514 20190218
BitDefender Trojan.GenericKD.31012816 20190217
CAT-QuickHeal Trojan.IGENERIC 20190217
ClamAV Win.Trojan.Agent-6592006-0 20190217
Comodo Malware@#3uba5zxzxz41n 20190217
CrowdStrike Falcon (ML) malicious_confidence_90% (W) 20181023
Cybereason malicious.2faf97 20190109
Cylance Unsafe 20190218
Cyren W32/Kryptik.FO.gen!Eldorado 20190217
Emsisoft Trojan.Emotet (A) 20190218
Endgame malicious (high confidence) 20190215
ESET-NOD32 a variant of Win32/Kryptik.GHBR 20190217
F-Prot W32/Kryptik.FO.gen!Eldorado 20190217
F-Secure Heuristic.HEUR/AGEN.1033514 20190218
Fortinet W32/Kryptik.GIDK!tr 20190217
GData Trojan.GenericKD.31012816 20190218
Ikarus Trojan-Banker.Emotet 20190217
Sophos ML heuristic 20181128
Jiangmin Trojan.Banker.Emotet.bdq 20190217
K7AntiVirus Trojan ( 00535cae1 ) 20190217
K7GW Trojan ( 00535cae1 ) 20190217
Kaspersky HEUR:Trojan.Win32.Generic 20190217
Malwarebytes Trojan.Emotet 20190217
McAfee GenericRXFZ-OH!FDDF11D2FAF9 20190217
McAfee-GW-Edition BehavesLike.Win32.Emotet.fm 20190217
Microsoft Trojan:Win32/Emotet.AC!bit 20190218
eScan Trojan.GenericKD.31012816 20190217
NANO-Antivirus Trojan.Win32.Emotet.feqfgn 20190217
Palo Alto Networks (Known Signatures) generic.ml 20190218
Panda Trj/RnkBend.A 20190217
Qihoo-360 HEUR/QVM20.1.16B3.Malware.Gen 20190218
Rising Trojan.GenKryptik!8.AA55 (CLOUD) 20190217
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Mal/EncPk-AOI 20190218
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20190213
Symantec Trojan.Emotet 20190217
Tencent Win32.Trojan-banker.Emotet.Eibv 20190218
Trapmine malicious.high.ml.score 20190123
TrendMicro TSPY_EMOTET.TTIBBJA 20190218
TrendMicro-HouseCall TSPY_EMOTET.TTIBBJA 20190217
VBA32 BScope.Malware-Cryptor.Emotet 20190215
ViRobot Trojan.Win32.Z.Emotet.323584.B 20190217
Webroot W32.Trojan.Emotet 20190218
Yandex Trojan.PWS.Emotet! 20190215
Zillya Trojan.Emotet.Win32.2997 20190215
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20190218
AegisLab 20190217
Alibaba 20180921
Avast-Mobile 20190217
Babable 20180918
Baidu 20190215
Bkav 20190216
CMC 20190217
DrWeb 20190218
eGambit 20190218
Kingsoft 20190218
MAX 20190218
Symantec Mobile Insight 20190207
TACHYON 20190218
TheHacker 20190217
TotalDefense 20190217
Trustlook 20190218
Zoner 20190218
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Mic
File version 6.1.7601
Description TLS / SSL Secur
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-06-25 22:01:05
Entry Point 0x00001014
Number of sections 6
PE sections
PE imports
AddAccessDeniedAce
GetViewportExtEx
GetThreadId
GetVersion
GetTickCount
GetUserDefaultLCID
GetConsoleTitleW
RpcErrorAddRecord
SHGetFolderLocation
GrayStringW
LockWorkStation
ClipCursor
HWND_UserFree
Number of PE resources by type
RT_MANIFEST 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 15.1
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.2.0.6
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Crypt file!!!!
ImageFileCharacteristics No relocs, Executable, 32-bit, System file
CharacterSet Unicode
InitializedDataSize 225280
EntryPoint 0x1014
MIMEType application/octet-stream
FileVersion 6.1.7601
TimeStamp 2018:06:26 00:01:05+02:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.0626.
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName ddd R Semiconductor ealtek
CodeSize 98304
ProductName Mic
ProductVersionNumber 1.2.0.6
FileTypeExtension exe
ObjectFileType Dynamic link library

Compressed bundles
File identification
MD5 fddf11d2faf97857fc27378e0154083f
SHA1 624dae61186013dfd9ac1b88d2077dd686c41a88
SHA256 95db12fa7f599f53cdcf342761a31de06d2f8c2af147887210a491c02af171ea
ssdeep 1536:hGr7pGWqm/PdUniIz592c943ven6jnf008HK/CqtKjhR:h0sWDteiIzCc4M6jnf0u/jkjh
authentihash 61e89f8c0c7770c04d6b117ce1a8e378712f2ffb72c1b1125be6674ab286613a
imphash 8c3a1b931d55602ddb6693812db6b5e3
File size 316.0 KB ( 323584 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2018-06-25 22:03:43 UTC ( 7 months, 4 weeks ago )
Last submission 2018-06-25 22:03:43 UTC ( 7 months, 4 weeks ago )
File names orjVxyBerClMMo.exe
59362.exe
95851.exe
12352.exe
21048.exe