SHA256: a6aa07c347713de69c44d71474e26700f8b7a8f3861cf981007d653073ccebd6
File name: a4a9231441cedfe6c006b0e4e41002c1d7aeb075
Detection ratio: 47 / 71
Analysis date: 2019-01-31 17:43:21 UTC (3 months, 2 weeks ago)
Antivirus Result Update
Acronis suspicious 20190130
Ad-Aware Trojan.Autoruns.GenericKDS.31595336 20190131
ALYac Trojan.Autoruns.GenericKDS.31595336 20190131
Arcabit Trojan.Autoruns.GenericS.D1E21B48 20190131
Avast Win32:TrojanX-gen [Trj] 20190131
AVG Win32:TrojanX-gen [Trj] 20190131
BitDefender Trojan.Autoruns.GenericKDS.31595336 20190131
Comodo Malware@#2i3rwndgcqu8l 20190131
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cylance Unsafe 20190131
Cyren W32/S-bd285b7c!Eldorado 20190131
DrWeb Trojan.EmotetENT.363 20190131
Emsisoft Trojan.Autoruns.GenericKDS.31595336 (B) 20190131
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GPDD 20190131
F-Prot W32/S-bd285b7c!Eldorado 20190131
F-Secure Trojan.Autoruns.GenericKDS.31595336 20190131
Fortinet W32/Kryptik.GPDD!tr 20190131
GData Trojan.Autoruns.GenericKDS.31595336 20190131
Ikarus Trojan-Banker.Emotet 20190131
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 005469601 ) 20190131
K7GW Trojan ( 005469601 ) 20190131
Kaspersky Trojan-Banker.Win32.Emotet.ccpw 20190131
Malwarebytes Trojan.Emotet 20190131
MAX malware (ai score=100) 20190131
McAfee Emotet-FHX!9A1FCE1D655A 20190131
McAfee-GW-Edition BehavesLike.Win32.Downloader.dc 20190131
Microsoft Trojan:Win32/Emotet.AC!bit 20190131
eScan Trojan.Autoruns.GenericKDS.31595336 20190131
NANO-Antivirus Trojan.Win32.Kryptik.fmnfdx 20190131
Palo Alto Networks (Known Signatures) generic.ml 20190131
Panda Trj/GdSda.A 20190131
Qihoo-360 Win32/Trojan.588 20190131
Rising Trojan.Kryptik!8.8 (CLOUD) 20190131
SentinelOne (Static ML) static engine - malicious 20190124
Sophos AV Mal/Emotet-Q 20190131
Symantec Packed.Generic.517 20190131
Tencent Win32.Trojan-banker.Emotet.Hssl 20190131
Trapmine malicious.high.ml.score 20190123
TrendMicro TrojanSpy.Win32.EMOTET.THACOAI 20190131
TrendMicro-HouseCall TrojanSpy.Win32.EMOTET.THACOAI 20190131
VBA32 BScope.Trojan.Refinka 20190131
VIPRE Trojan.Win32.Generic!BT 20190131
ViRobot Trojan.Win32.Z.Ser.217088 20190131
Webroot W32.Trojan.Emotet 20190131
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.ccpw 20190131
AegisLab 20190131
AhnLab-V3 20190131
Alibaba 20180921
Antiy-AVL 20190131
Avast-Mobile 20190130
Avira (no cloud) 20190131
Babable 20180917
Baidu 20190130
Bkav 20190130
CAT-QuickHeal 20190131
ClamAV 20190130
CMC 20190131
Cybereason 20190109
eGambit 20190131
Jiangmin 20190131
Kingsoft 20190131
SUPERAntiSpyware 20190130
TACHYON 20190131
TheHacker 20190129
TotalDefense 20190130
Trustlook 20190131
Yandex 20190128
Zillya 20190131
Zoner 20190131
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Microsoft Corporation. All rig

Product TortoiseSVN
Original name apisetstub
Internal name TSVNCache.exe
File version 1.9.6.27867
Description ApiSet Stub DLL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-29 19:01:39
Entry Point 0x0000142C
Number of sections 7
PE sections
PE imports
DeregisterEventSource
RegDisableReflectionKey
InitializeAcl
LockServiceDatabase
QueryUsersOnEncryptedFile
JetIntersectIndexes
CreatePatternBrush
LineTo
CopyMetaFileW
SetViewportOrgEx
EndDoc
OffsetClipRgn
SetTextAlign
CreateCompatibleDC
Rectangle
EnumResourceTypesA
LocalFree
FindCloseChangeNotification
GetFileSizeEx
CancelIoEx
DebugActiveProcessStop
GetNamedPipeServerProcessId
GetConsoleCP
GlobalFree
VirtualFree
WriteFile
GetUserPreferredUILanguages
OpenThread
GetUserDefaultLCID
GetModuleHandleW
SetFileIoOverlappedRange
SafeArrayCreateEx
I_RpcMapWin32Status
AssocCreate
SHRegDuplicateHKey
FreeCredentialsHandle
GetAsyncKeyState
SetScrollRange
GetMenuInfo
GetQueueStatus
AdjustWindowRect
IsCharAlphaA
AdjustWindowRectEx
LoadKeyboardLayoutA
SetClipboardViewer
RemoveMenu
CreateMD5SSOHash
GetUrlCacheEntryInfoA
towupper
memset
Number of PE resources by type
RT_ICON 10
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 11
ENGLISH US 2
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
SubsystemVersion 5.0
MachineType Intel 386 or later, and compatibles
TimeStamp 2019:01:29 20:01:39+01:00
FileType Win32 EXE
PEType PE32
CodeSize 61440
LinkerVersion 12.0
FileTypeExtension exe
InitializedDataSize 192512
ImageFileCharacteristics No relocs, Executable, 32-bit
EntryPoint 0x142c
OSVersion 5.0
ImageVersion 0.0
UninitializedDataSize 0

File identification
MD5 9a1fce1d655aeddd7f3bd8fb7df68216
SHA1 a4a9231441cedfe6c006b0e4e41002c1d7aeb075
SHA256 a6aa07c347713de69c44d71474e26700f8b7a8f3861cf981007d653073ccebd6
ssdeep 3072:CmvbTGeUX+ZluDfcewQxuN94TdpU8ILkGbdET2PPJ8wxsdOqsJ3MBTyvQO:lbTG+ZoQewOpNIvmTGOOqsJMBm5

authentihash ddbd5a278de771b992b6a9a481f53e3527bdbfe2d4ac708f9174832990dc95b7
imphash 8ea628d9cad8d9e05190506b9b79dff8
File size 212.0 KB ( 217088 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags peexe

VirusTotal metadata
First submission 2019-01-29 19:05:50 UTC ( 3 months, 3 weeks ago )
Last submission 2019-02-05 16:04:14 UTC ( 3 months, 2 weeks ago )
File names uvhfdIWa4z4dR3MDT.exe
TSVNCache.exe
apisetstub
KL4ACyQsuEq8kaA.exe