× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a69dc99d3b0c1525a3e6ac25fc0a64f6bd4cc7b71c2e81b03ce1013f3ab313cf
File name: 8f372224257dae9f4ba553a0bca722f5
Detection ratio: 29 / 68
Analysis date: 2018-07-18 13:26:07 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Emotet.R231763 20180718
Avast Win32:GenX 20180718
AVG Win32:GenX 20180718
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180717
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180530
Cylance Unsafe 20180718
Cyren W32/Emotet.DZ.gen!Eldorado 20180718
Emsisoft Trojan.Emotet (A) 20180718
Endgame malicious (high confidence) 20180711
ESET-NOD32 a variant of Win32/Kryptik.GIUM 20180718
F-Prot W32/Emotet.DZ.gen!Eldorado 20180718
Fortinet W32/PossibleThreat 20180718
GData Win32.Trojan-Spy.Emotet.SE 20180718
Sophos ML heuristic 20180717
Kaspersky Trojan.Win32.Dovs.piy 20180718
Malwarebytes Spyware.Emotet 20180718
Microsoft Trojan:Win32/Emotet.AC!bit 20180718
Palo Alto Networks (Known Signatures) generic.ml 20180718
Panda Trj/GdSda.A 20180718
Qihoo-360 HEUR/QVM20.1.8065.Malware.Gen 20180718
Rising Trojan.Kryptik!8.8 (TFE:dGZlOgTLYFRAh8IbQA) 20180718
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/EncPk-ANX 20180718
Symantec Packed.Generic.517 20180718
TrendMicro TROJ_GEN.R020C0SGG18 20180718
TrendMicro-HouseCall TROJ_GEN.R020C0SGG18 20180718
VBA32 BScope.Trojan.Dovs 20180718
Webroot W32.Trojan.Emotet 20180718
ZoneAlarm by Check Point Trojan.Win32.Dovs.piy 20180718
Ad-Aware 20180718
AegisLab 20180718
Alibaba 20180713
ALYac 20180718
Antiy-AVL 20180718
Arcabit 20180718
Avast-Mobile 20180718
Avira (no cloud) 20180718
AVware 20180718
Babable 20180406
BitDefender 20180718
Bkav 20180718
CAT-QuickHeal 20180718
ClamAV 20180717
CMC 20180717
Comodo 20180718
Cybereason 20180225
DrWeb 20180718
eGambit 20180718
F-Secure 20180718
Ikarus 20180718
Jiangmin 20180718
K7AntiVirus 20180718
K7GW 20180718
Kingsoft 20180718
MAX 20180718
McAfee 20180718
McAfee-GW-Edition 20180718
eScan 20180718
NANO-Antivirus 20180718
SUPERAntiSpyware 20180718
TACHYON 20180718
Tencent 20180718
TheHacker 20180716
TotalDefense 20180718
Trustlook 20180718
VIPRE 20180718
ViRobot 20180718
Yandex 20180717
Zillya 20180718
Zoner 20180717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation. All rights reserv

Product Microsoft® Windows® Operating S
Original name wfw.fwf
Internal name вввы (03.2)
Description Windows Cryptographic
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-02-23 03:20:06
Entry Point 0x00001A2B
Number of sections 6
PE sections
PE imports
SetBitmapBits
lstrlenA
FlsFree
SystemTimeToTzSpecificLocalTime
DdeDisconnectList
ShowCursor
GetClipboardOwner
CryptCATCDFEnumMembers
UninstallColorProfileW
isleadbyte
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
12.1

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
36.1.2223.432

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
Windows Cryptographic

ImageFileCharacteristics
No relocs, Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
10240

EntryPoint
0x1a2b

OriginalFileName
PrintIsolationHost.exe

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation. All rights reserv

TimeStamp
2017:02:23 04:20:06+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
(03.2)

ProductVersion
6.1.7600.16385

SubsystemVersion
5.0

OSVersion
5.1

FileOS
Windows NT 32-bit

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ddfdgf dgdsger

CodeSize
100352

ProductName
Microsoft Windows Operating S

ProductVersionNumber
16.1.4235.11

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 8f372224257dae9f4ba553a0bca722f5
SHA1 17c054892dcaa8d53cd1e825ab00d4b24790175c
SHA256 a69dc99d3b0c1525a3e6ac25fc0a64f6bd4cc7b71c2e81b03ce1013f3ab313cf
ssdeep
3072:Iaevy2ezDgaX9fUB38dWs/3e8q9gXlE2b:I7yCaNfUB0Ws/u8qJ

authentihash 6190551e37df9dc8c8586fb03c23fd14a9adcfb7bc3385cbffae77816a3637ca
imphash 448f080b0e1fe327b6cfb48235c20316
File size 105.0 KB ( 107520 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags
peexe

VirusTotal metadata
First submission 2018-07-18 13:26:07 UTC ( 7 months, 1 week ago )
Last submission 2018-07-18 13:26:07 UTC ( 7 months, 1 week ago )
File names wfw.fwf
вввы (03.2)
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!