SHA256: a138f570edf9ff868c27d9d60722beabdc00e2461528a580680513d713c3c686
File name: DSDdHgyNkI.exe
Detection ratio: 17 / 67
Analysis date: 2018-03-13 12:26:01 UTC ( 1 year, 1 month ago )
Antivirus Result Update
Avast FileRepMalware 20180313
AVG FileRepMalware 20180313
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cybereason malicious.2b0255 20180225
Cylance Unsafe 20180313
eGambit Unsafe.AI_Score_100% 20180313
Endgame malicious (high confidence) 20180308
Fortinet W32/GenKryptik.BSKH!tr 20180313
Sophos ML heuristic 20180121
McAfee Emotet-FEI!961BF85A58A2 20180313
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.ch 20180313
Qihoo-360 HEUR/QVM20.1.CB98.Malware.Gen 20180313
Rising Malware.XPACK-LNR/Heur!1.5594 (CLASSIC) 20180313
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/EncPk-ANR 20180313
TrendMicro TSPY_HPEMOTET.SMF5 20180313
TrendMicro-HouseCall TSPY_HPEMOTET.SMF5 20180313
Ad-Aware 20180313
AegisLab 20180313
AhnLab-V3 20180313
Alibaba 20180313
ALYac 20180313
Antiy-AVL 20180313
Arcabit 20180313
Avast-Mobile 20180313
Avira (no cloud) 20180313
AVware 20180313
BitDefender 20180313
Bkav 20180313
CAT-QuickHeal 20180313
ClamAV 20180313
CMC 20180313
Comodo 20180313
Cyren 20180313
DrWeb 20180313
Emsisoft 20180313
ESET-NOD32 20180313
F-Prot 20180313
F-Secure 20180313
GData 20180313
Ikarus 20180313
Jiangmin 20180313
K7AntiVirus 20180313
K7GW 20180313
Kaspersky 20180313
Kingsoft 20180313
Malwarebytes 20180313
MAX 20180313
Microsoft 20180313
eScan 20180313
NANO-Antivirus 20180313
nProtect 20180313
Palo Alto Networks (Known Signatures) 20180313
Panda 20180312
SUPERAntiSpyware 20180313
Symantec 20180313
Symantec Mobile Insight 20180311
Tencent 20180313
TheHacker 20180311
TotalDefense 20180313
Trustlook 20180313
VBA32 20180313
VIPRE 20180313
ViRobot 20180313
Webroot 20180313
WhiteArmor 20180223
Yandex 20180313
Zillya 20180312
ZoneAlarm by Check Point 20180313
Zoner 20180313
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-03-13 12:21:31
Entry Point 0x00002780
Number of sections 5
PE sections
PE imports
SetUserFileEncryptionKey
GetSystemDefaultLangID
QueryThreadCycleTime
InitAtomTable
IsSystemResumeAutomatic
GetCommandLineW
WTSGetActiveConsoleSessionId
GetEnvironmentStringsW
GetForegroundWindow
DestroyWindow
OffsetRect
DefWindowProcW
FindWindowW
PostQuitMessage
MessageBeep
SetWindowPos
GetSystemMetrics
RegisterClassExW
CharUpperW
TranslateMessage
SetActiveWindow
CheckMenuItem
SendMessageW
IsZoomed
GetWindowPlacement
CloseClipboard
BringWindowToTop
MoveWindow
IsIconic
IsClipboardFormatAvailable
GetKeyboardLayout
DestroyAcceleratorTable
SetForegroundWindow
CharNextW
SetCursor
InternetUnlockRequestFile
Ord(29)
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:03:13 05:21:31-07:00
FileType Win32 EXE
PEType PE32
CodeSize 1012959262
LinkerVersion 11.2
ImageFileCharacteristics No relocs, Executable, 32-bit, System file
EntryPoint 0x2780
InitializedDataSize 110592
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.2
UninitializedDataSize 1
File identification
MD5 961bf85a58a2493682c3657847e5b6e2
SHA1 ca03f542b0255db19bd262135ca8946df6a7559c
SHA256 a138f570edf9ff868c27d9d60722beabdc00e2461528a580680513d713c3c686
ssdeep 1536:1yGJkAhuN/R6vrjHmPAlZbZ+WSdKG722Gg8:1HJkMuNZ6rjsAPCPKP
authentihash c0fd665cb221ba8838de9c9a4c24aa72ea119f4ac5d7e4bded6e791ecaece562
imphash 81cbbc447fd4cc1ee0ea60a2972555a5
File size 124.0 KB ( 126976 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit system file
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-03-13 12:26:01 UTC ( 1 year, 1 month ago )
Last submission 2018-05-08 17:45:04 UTC ( 11 months, 2 weeks ago )
File names 67312.exe
8812.exe
9041.exe
DSDdHgyNkI.exe
8540.exe
Advanced heuristic and reputation engines