× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 98ff098faae3f3f78e24f92841d3f0bd517970a77e3d9c093adf67634ad2ea6d
File name: 98ff098faae3f3f78e24f92841d3f0bd517970a77e3d9c093adf67634ad2ea6d
Detection ratio: 16 / 71
Analysis date: 2019-01-29 01:04:25 UTC ( 3 months, 3 weeks ago ) View latest
Antivirus Result Update
Acronis suspicious 20190128
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181023
Cylance Unsafe 20190129
Cyren W32/S-bd285b7c!Eldorado 20190128
eGambit Unsafe.AI_Score_67% 20190129
Endgame malicious (high confidence) 20181108
F-Prot W32/S-bd285b7c!Eldorado 20190129
Sophos ML heuristic 20181128
Microsoft Trojan:Win32/Fuery.B!cl 20190128
Qihoo-360 HEUR/QVM20.1.DC3B.Malware.Gen 20190129
Rising Trojan.Emotet!8.B95/N3#97% (RDM+:cmRtazqPs4r2x5AZudCwJMAocE5V) 20190128
SentinelOne (Static ML) static engine - malicious 20190124
Sophos AV Mal/EncPk-ANX 20190128
Symantec Packed.Generic.517 20190128
Trapmine malicious.high.ml.score 20190123
Webroot W32.Trojan.Emotet 20190129
Ad-Aware 20190129
AegisLab 20190128
AhnLab-V3 20190128
Alibaba 20180921
ALYac 20190129
Antiy-AVL 20190129
Arcabit 20190128
Avast 20190128
Avast-Mobile 20190128
AVG 20190128
Avira (no cloud) 20190129
Babable 20180918
Baidu 20190128
BitDefender 20190128
Bkav 20190129
CAT-QuickHeal 20190128
ClamAV 20190128
CMC 20190128
Comodo 20190128
Cybereason 20190109
DrWeb 20190128
Emsisoft 20190129
ESET-NOD32 20190128
F-Secure 20190128
Fortinet 20190128
GData 20190129
Ikarus 20190128
Jiangmin 20190128
K7AntiVirus 20190128
K7GW 20190128
Kaspersky 20190128
Kingsoft 20190129
Malwarebytes 20190129
MAX 20190129
McAfee 20190128
McAfee-GW-Edition 20190129
eScan 20190128
NANO-Antivirus 20190128
Palo Alto Networks (Known Signatures) 20190129
Panda 20190128
SUPERAntiSpyware 20190123
TACHYON 20190128
Tencent 20190129
TheHacker 20190125
TotalDefense 20190128
TrendMicro 20190128
TrendMicro-HouseCall 20190128
Trustlook 20190129
VBA32 20190128
VIPRE None
ViRobot 20190128
Yandex 20190125
Zillya 20190128
ZoneAlarm by Check Point 20190128
Zoner 20190128
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2003-2017 - TortoiseSVN

Product TortoiseSVN
Original name apisetstub
Internal name TSVNCache.exe
File version 1.9.6.27867
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-29 01:01:18
Entry Point 0x0000333A
Number of sections 6
PE sections
PE imports
RegGetKeySecurity
DeregisterEventSource
LockServiceDatabase
InitializeAcl
CreateRestrictedToken
RegDisableReflectionKey
JetIntersectIndexes
CreatePatternBrush
LineTo
CopyMetaFileW
SetViewportOrgEx
EndDoc
OffsetClipRgn
SetTextAlign
CreateCompatibleDC
Rectangle
GetGraphicsMode
LCIDToLocaleName
EnumResourceTypesA
OpenThread
FindCloseChangeNotification
LockFileEx
CancelIoEx
GetFileSizeEx
DebugActiveProcessStop
GlobalFree
GetConsoleCP
GetNamedPipeServerProcessId
VirtualFree
WriteFile
GetUserPreferredUILanguages
LocalFree
GetUserDefaultLCID
GetModuleHandleW
SafeArrayCreateEx
I_RpcMapWin32Status
AssocCreate
SHRegDuplicateHKey
FreeCredentialsHandle
GetAsyncKeyState
DdeImpersonateClient
GetMessagePos
AdjustWindowRectEx
GetMenuInfo
GetQueueStatus
AdjustWindowRect
DdeAddData
GetScrollPos
IsCharAlphaA
PackDDElParam
LoadKeyboardLayoutA
SetScrollRange
SetClipboardViewer
RemoveMenu
CreateMD5SSOHash
GetUrlCacheEntryInfoA
towupper
memset
Number of PE resources by type
RT_ICON 10
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 11
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
5.0

InitializedDataSize
192512

ImageVersion
0.0

ProductName
TortoiseSVN

FileVersionNumber
1.9.6.27867

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Windows, Latin1

LinkerVersion
12.0

FileTypeExtension
exe

OriginalFileName
apisetstub

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.9.6.27867

TimeStamp
2019:01:29 02:01:18+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
TSVNCache.exe

ProductVersion
6.1.7600.1

FileDescription
ApiSet Stub DLL

OSVersion
5.0

FileOS
Win32

LegalCopyright
Copyright 2003-2017 - TortoiseSVN

MachineType
Intel 386 or later, and compatibles

CompanyName
http://tortoisesvn.net

CodeSize
28672

FileSubtype
0

ProductVersionNumber
1.9.6.27867

EntryPoint
0x333a

ObjectFileType
Executable application

File identification
MD5 112d95996a3df029beacf70c91863032
SHA1 1642cb46a967757c8ee947d881986f712ef89696
SHA256 98ff098faae3f3f78e24f92841d3f0bd517970a77e3d9c093adf67634ad2ea6d
ssdeep
6144:wm67lSAr3TG7KOnGWTArZzQCOOqsJMBmk:V2l5rI3MFsOqsUH

authentihash 6a7de2a9098b614e1cac992063843c38bd872a7a647b1c94f734a27fd4ab3105
imphash 5eaf672fc81993da5a1b1dfd4247d5dd
File size 212.0 KB ( 217088 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-01-29 01:04:25 UTC ( 3 months, 3 weeks ago )
Last submission 2019-01-29 03:28:05 UTC ( 3 months, 3 weeks ago )
File names FMUZIpEoR9.exe
x9T4Ke2enGb.exe
Cnrf8OEJewj.exe
1p7mLSNIH.exe
TSVNCache.exe
apisetstub
l2yUS8VH7.exe
VYPaR4WmS4d.exe
tb4PBfTW.exe
WdkTiPcwB.exe
334.exe
bncmYjwZNG.exe
emotet_e1_98ff098faae3f3f78e24f92841d3f0bd517970a77e3d9c093adf67634ad2ea6d_2019-01-29__010502.exe_
A04n5Rp3.exe
150.exe
bfmnQScLP2F.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!