× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a6c6443a5194909e539a2417d10c87e188e806f5d9ed6c661ff0ef43f66f9045
File name: 168f5c9d909d8fba414e9d11749db58d
Detection ratio: 37 / 71
Analysis date: 2019-01-28 04:07:25 UTC ( 3 months, 4 weeks ago ) View latest
Antivirus Result Update
Acronis suspicious 20190124
Ad-Aware Trojan.GenericKD.31583774 20190128
AhnLab-V3 Trojan/Win32.Emotet.R253571 20190128
Arcabit Trojan.Generic.D1E1EE1E 20190128
Avast Win32:BankerX-gen [Trj] 20190128
AVG Win32:BankerX-gen [Trj] 20190128
BitDefender Trojan.GenericKD.31583774 20190128
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181023
Cylance Unsafe 20190128
Cyren W32/GenBl.168F5C9D!Olympus 20190128
Emsisoft Trojan.GenericKD.31583774 (B) 20190128
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/GenKryptik.CXQZ 20190127
F-Secure Trojan.GenericKD.31583774 20190128
GData Trojan.GenericKD.31583774 20190128
Ikarus Trojan-Spy.Win32.Emotet 20190127
Sophos ML heuristic 20181128
Kaspersky Trojan-Banker.Win32.Emotet.ccbj 20190128
Malwarebytes Trojan.Emotet 20190128
MAX malware (ai score=100) 20190128
McAfee RDN/PWS-Banker 20190128
McAfee-GW-Edition BehavesLike.Win32.Ramnit.ch 20190127
Microsoft Trojan:Win32/Emotet.AC!bit 20190128
eScan Trojan.GenericKD.31583774 20190128
Palo Alto Networks (Known Signatures) generic.ml 20190128
Panda Trj/CI.A 20190127
Qihoo-360 HEUR/QVM20.1.D075.Malware.Gen 20190128
Rising Trojan.Azden!8.F0E3 (CLOUD) 20190128
SentinelOne (Static ML) static engine - malicious 20190124
Sophos AV Mal/Emotet-Q 20190128
Symantec ML.Attribute.HighConfidence 20190127
Tencent Win32.Trojan-banker.Emotet.Dyhb 20190128
Trapmine malicious.moderate.ml.score 20190123
VBA32 BScope.Trojan.Emotet 20190125
ViRobot Trojan.Win32.Z.Emotet.180224.BM 20190127
Webroot W32.Trojan.Emotet 20190128
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.ccbj 20190128
AegisLab 20190128
Alibaba 20180921
ALYac 20190128
Antiy-AVL 20190128
Avast-Mobile 20190127
Avira (no cloud) 20190127
Babable 20180918
Baidu 20190125
Bkav 20190125
CAT-QuickHeal 20190127
ClamAV 20190128
CMC 20190127
Comodo 20190128
Cybereason 20190109
DrWeb 20190128
eGambit 20190128
F-Prot 20190128
Fortinet 20190128
Jiangmin 20190128
K7AntiVirus 20190128
K7GW 20190127
Kingsoft 20190128
NANO-Antivirus 20190128
SUPERAntiSpyware 20190123
TACHYON 20190128
TheHacker 20190125
TotalDefense 20190127
TrendMicro 20190128
TrendMicro-HouseCall 20190128
Trustlook 20190128
VIPRE 20190128
Yandex 20190125
Zillya 20190125
Zoner 20190125
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 3dfx Interactive, Inc. 2008

Product 3dfx Comms
File version 1.0.20.108
Description 3dfxTools Common Library
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2019-01-27 07:00:53
Entry Point 0x00003E20
Number of sections 9
PE sections
PE imports
SetKernelObjectSecurity
InitiateSystemShutdownW
IsWellKnownSid
DeleteEnhMetaFile
GetTextExtentExPointI
GetTickCount64
QueryProcessCycleTime
GetThreadPriority
GetTimeZoneInformation
FindNextFileNameW
GetSystemDefaultUILanguage
GetCommandLineW
CreateSemaphoreW
FindClose
GetConsoleFontSize
KillTimer
GetRawInputDeviceList
GetWindowContextHelpId
GetWindow
IsHungAppWindow
GetMenuDefaultItem
GetWindowWord
Number of PE resources by type
RT_DIALOG 24
RT_STRING 12
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
SWEDISH 3
PORTUGUESE 3
GERMAN 3
SPANISH 3
FRENCH 3
PORTUGUESE BRAZILIAN 3
SPANISH MODERN 3
ENGLISH UK 3
DUTCH 3
SPANISH MEXICAN 3
ITALIAN 3
PE resources
Debug information
ExifTool file metadata
SubsystemVersion
6.0

InitializedDataSize
167936

ImageVersion
0.0

ProductName
3dfx Comms

FileVersionNumber
2.1.10.138

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
12.0

FileTypeExtension
exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
1.0.20.108

TimeStamp
2019:01:26 23:00:53-08:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
1.0.2.101

FileDescription
3dfxTools Common Library

OSVersion
6.0

FileOS
Win32

LegalCopyright
Copyright 3dfx Interactive, Inc. 2008

MachineType
Intel 386 or later, and compatibles

CompanyName
3dfx Interactive, Inc.

CodeSize
16384

FileSubtype
0

ProductVersionNumber
2.6.2.116

EntryPoint
0x3e20

ObjectFileType
Dynamic link library

File identification
MD5 168f5c9d909d8fba414e9d11749db58d
SHA1 0605d63fb3108e75fea860b3b92b4956b154d391
SHA256 a6c6443a5194909e539a2417d10c87e188e806f5d9ed6c661ff0ef43f66f9045
ssdeep
3072:mZE5MA0lkshVziyIq/CBI51rYqgZWO3A6w9qCWY86bIWLu4Nrme/1ZC:5EkoBqB81Vgw6w9p

authentihash fe9ba7dc3bca7753403762b79ace2ad03f6e7d11c203cf62ddf9147e0c31d12d
imphash 453baca35c254a5f943d208f2a18505b
File size 176.0 KB ( 180224 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2019-01-26 23:08:58 UTC ( 3 months, 4 weeks ago )
Last submission 2019-01-31 23:00:31 UTC ( 3 months, 3 weeks ago )
File names Jz6NViua_pL3.exe
cqxIqHnSUanR_t7HC2s.exe
3hwl7zh_Hiq.exe
G9jqgCj2_wyF44KAH.exe
emotet_e2_a6c6443a5194909e539a2417d10c87e188e806f5d9ed6c661ff0ef43f66f9045_2019-01-26__231002.exe_
8lmXDcQDVDz6C_J.exe
5UcCG_J.exe
4nkG3.exe
M5KdlAMQT4VyGBxx_EH8nk.exe
Bq2Jv2yRt81hl.exe
CkE.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!