SHA256: a3037dc430714b2da5271b410080a34e18caa19c3fb99bfbc3d2e340fc6ba84d
File name: QJHPII63QOXPFTSQLNH.EXE
Detection ratio: 41 / 69
Analysis date: 2018-11-22 01:18:33 UTC ( 2 months, 4 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40771995 20181121
AegisLab Trojan.Win32.Emotet.4!c 20181122
ALYac Trojan.GenericKD.40771995 20181121
Arcabit Trojan.Generic.D26E219B 20181121
Avast Win32:TrojanX-gen [Trj] 20181121
AVG Win32:TrojanX-gen [Trj] 20181121
BitDefender Trojan.GenericKD.40771995 20181121
Comodo Malware@#2pmh1b1960h97 20181121
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cylance Unsafe 20181122
Cyren W32/Trojan.SDZF-6191 20181122
Emsisoft Trojan.Emotet (A) 20181121
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GMYH 20181122
F-Prot W32/Emotet.JJ.gen!Eldorado 20181122
F-Secure Trojan.GenericKD.40771995 20181121
Fortinet W32/GenKryptik.CRII!tr 20181122
GData Trojan.GenericKD.40771995 20181122
Ikarus Trojan-Banker.Emotet 20181121
Sophos ML heuristic 20181108
K7AntiVirus Trojan ( 0053c2ba1 ) 20181121
K7GW Trojan ( 0053c2ba1 ) 20181121
Kaspersky Trojan-Banker.Win32.Emotet.bqvy 20181122
Malwarebytes Trojan.Emotet 20181122
McAfee Artemis!8A26112CB0F0 20181122
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.tz 20181121
Microsoft Trojan:Win32/Emotet.AC!bit 20181121
eScan Trojan.GenericKD.40771995 20181122
NANO-Antivirus Virus.Win32.Gen.ccmw 20181122
Palo Alto Networks (Known Signatures) generic.ml 20181122
Panda Trj/RnkBend.A 20181121
Qihoo-360 HEUR/QVM19.1.511D.Malware.Gen 20181122
Rising Trojan.Kryptik!8.8 (CLOUD) 20181122
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181122
Symantec Trojan.Emotet 20181121
TrendMicro TROJ_FRS.VSN14K18 20181121
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.SMAL01.hp 20181122
VBA32 BScope.Trojan.Refinka 20181121
Webroot W32.Trojan.Emotet 20181122
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bqvy 20181121
AhnLab-V3 20181121
Alibaba 20180921
Antiy-AVL 20181121
Avast-Mobile 20181121
Avira (no cloud) 20181121
Babable 20180918
Baidu 20181121
Bkav 20181121
CAT-QuickHeal 20181121
ClamAV 20181121
CMC 20181121
Cybereason 20180225
DrWeb 20181122
eGambit 20181122
Jiangmin 20181121
Kingsoft 20181122
MAX 20181122
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
TACHYON 20181122
Tencent 20181122
TheHacker 20181118
TotalDefense 20181121
Trustlook 20181122
VIPRE 20181122
ViRobot 20181121
Yandex 20181119
Zillya 20181121
Zoner 20181122
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (c) Musicmatch 1998-2003
Product Musicmatch® Jukebox
Original name mmgit.dll
Internal name mmgit.dll
File version 6.1.7600
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-19 20:00:25
Entry Point 0x000BE040
Number of sections 5
PE sections
PE imports
EnumServicesStatusA
GetWindowExtEx
MoveToEx
DeleteObject
GetTextCharsetInfo
GetShortPathNameW
GetModuleHandleA
GetCurrentDirectoryA
SetConsoleCursorInfo
GetUserDefaultLCID
VirtualAlloc
GetDlgCtrlID
CreateCaret
UserHandleGrantAccess
RegisterRawInputDevices
GetComboBoxInfo
IsChild
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 12.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.3.0.44
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription ApiSet Stub DLL
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 294912
EntryPoint 0xbe040
OriginalFileName mmgit.dll
MIMEType application/octet-stream
LegalCopyright Copyright (c) Musicmatch 1998-2003
FileVersion 6.1.7600
TimeStamp 2018:11:19 12:00:25-08:00
FileType Win32 EXE
PEType PE32
InternalName mmgit.dll
ProductVersion 1.03.0044
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Musicmatch, Inc.
CodeSize 782336
ProductName Musicmatch Jukebox
ProductVersionNumber 1.3.0.44
FileTypeExtension exe
ObjectFileType Dynamic link library

Execution parents
File identification
MD5 8a26112cb0f06c5148ae67bae170f8df
SHA1 a27860487aa685d303820623e6bd74d66a602286
SHA256 a3037dc430714b2da5271b410080a34e18caa19c3fb99bfbc3d2e340fc6ba84d
ssdeep 3072:2JRtcrKhxMl1OeGKFRSikuYPuOBbe3HOzShnM/CaC9R7aQ:2J4rK7IOeG28be3OP/XC9Ra
authentihash a75398ddb8959afac5c01344aec7da885f328a34f94be123ae983b44b7a87b4a
imphash d36d97c0a83822f6cc409dd27fe4c272
File size 1.0 MB ( 1073152 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags peexe
VirusTotal metadata
First submission 2018-11-19 20:03:34 UTC ( 3 months ago )
Last submission 2018-11-20 08:02:53 UTC ( 3 months ago )
File names zYwG2zMMZ8dEaqZy.exe
premiumcbgnd.exe
mmgit.dll
ptn.exe
QJHPII63QOXPFTSQLNH.EXE
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.