SHA256: a9539e53d75660ee6143c93a320be10727debe636a3c7f91a4551556175643de
File name: 38726104.exe
Detection ratio: 45 / 67
Analysis date: 2018-09-17 05:51:38 UTC ( 5 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40472511 20180913
AhnLab-V3 Trojan/Win32.Fuerboos.R236717 20180916
ALYac Trojan.GenericKD.40472511 20180917
Antiy-AVL Trojan[Banker]/Win32.Emotet 20180916
Arcabit Trojan.Generic.D2698FBF 20180917
Avast Win32:BankerX-gen [Trj] 20180917
AVG Win32:BankerX-gen [Trj] 20180917
AVware Trojan.Win32.Generic!BT 20180917
BitDefender Trojan.GenericKD.40472511 20180917
CAT-QuickHeal Trojan.Emotet.X4 20180915
ClamAV Win.Dropper.Emotet-6681625-0 20180917
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180917
Cyren W32/Trojan.FWMX-5172 20180917
Emsisoft Trojan.Emotet (A) 20180917
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GKRF 20180917
F-Secure Trojan.GenericKD.40472511 20180917
Fortinet W32/GenKryptik.CKPI!tr 20180917
GData Trojan.GenericKD.40472511 20180917
Ikarus Trojan.Win32.Crypt 20180916
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0053c5231 ) 20180917
K7GW Trojan ( 0053c5231 ) 20180917
Kaspersky Trojan-Banker.Win32.Emotet.bdga 20180917
Malwarebytes Trojan.MalPack 20180917
MAX malware (ai score=69) 20180917
McAfee RDN/Generic.grp 20180917
McAfee-GW-Edition BehavesLike.Win32.AdwareConvertAd.gm 20180917
Microsoft Trojan:Win32/Emotet!rfn 20180916
eScan Trojan.GenericKD.40472511 20180917
NANO-Antivirus Trojan.Win32.Emotet.fhpejp 20180917
Palo Alto Networks (Known Signatures) generic.ml 20180917
Panda Trj/Genetic.gen 20180916
Qihoo-360 HEUR/QVM20.1.CA71.Malware.Gen 20180917
Rising Trojan.Emotet!8.B95 (CLOUD) 20180917
Sophos AV Mal/EncPk-ANY 20180917
Symantec Trojan.Gen.2 20180916
Tencent Win32.Trojan-banker.Emotet.Egxu 20180917
TrendMicro-HouseCall TSPY_EMOTET.THIACAH 20180917
VBA32 Malware-Cryptor.Limpopo 20180914
VIPRE Trojan.Win32.Generic!BT 20180917
ViRobot Trojan.Win32.Z.Emotet.508928.B 20180917
Webroot W32.Trojan.Gen 20180917
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.bdga 20180917
AegisLab 20180917
Alibaba 20180713
Avast-Mobile 20180917
Avira (no cloud) 20180916
Babable 20180907
Baidu 20180914
Bkav 20180915
CMC 20180916
Comodo 20180917
Cybereason 20180225
DrWeb 20180917
eGambit 20180917
F-Prot 20180917
Jiangmin 20180917
Kingsoft 20180917
SentinelOne (Static ML) 20180830
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180911
TACHYON 20180917
TheHacker 20180914
TotalDefense 20180915
TrendMicro 20180917
Trustlook 20180917
Yandex 20180915
Zillya 20180914
Zoner 20180916
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Internal name EoceEqw.dll
File version 6.1.7
Description DirectX Files DL
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-09-11 12:19:26
Entry Point 0x000239FA
Number of sections 7
PE sections
PE imports
RevertToSelf
RegSetKeySecurity
CryptInstallDefaultContext
FrameRgn
EnumFontsA
EndPage
TzSpecificLocalTimeToSystemTime
GetModuleHandleA
VerifyScripts
RemoveVectoredExceptionHandler
GetDefaultCommConfigA
ICCompressorFree
DsBindWithCredA
SafeArrayLock
RasDeleteEntryW
SetupDiBuildClassInfoListExW
SetupGetLineTextA
AssocQueryStringW
StrChrNW
StrChrA
MakeSignature
SetUserObjectInformationW
IsCharLowerW
ModifyMenuA
GetParent
TrackPopupMenuEx
CoGetObject
CoInternetIsFeatureEnabledForUrl
Number of PE resources by type
RT_STRING 1
RT_VERSION 1
Number of PE resources by language
SLOVENIAN DEFAULT 1
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 1006425862
LinkerVersion 12.0
ImageVersion 0.0
FileVersionNumber 2.0.0.0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription DirectX Files DL
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Windows, Latin1
InitializedDataSize 366592
EntryPoint 0x239fa
MIMEType application/octet-stream
FileVersion 6.1.7
TimeStamp 2018:09:11 14:19:26+02:00
FileType Win32 EXE
PEType PE32
InternalName EoceEqw.dll
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Roni Enterprice
CodeSize 147456
FileSubtype 0
ProductVersionNumber 2.0.0.0
FileTypeExtension exe
ObjectFileType Dynamic link library

File identification
MD5 f9e21414f9d05d80750120b113d06dbb
SHA1 3abc87765e004d61fb64b28d510d72e54132faa0
SHA256 a9539e53d75660ee6143c93a320be10727debe636a3c7f91a4551556175643de
ssdeep 3072:9PVN4zNHFhpGwpCS010qA67p1HA3Q5QhY9XFvpBILEyNtm3z5Vn/yu/4Uwo/GtOG:DNw3EgDCwA5lJpwm3quAUFB4QOl
authentihash ea6d13c4f5486116b4aebb0046d8619eceec32b8ffc28b06ba608b7e23a72527
imphash 0190ac908e688a90d1e42becfa0af540
File size 497.0 KB ( 508928 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID OS/2 Executable (generic) (25.2%)
Clipper DOS Executable (25.0%)
Generic Win/DOS Executable (24.8%)
DOS Executable Generic (24.8%)
Tags peexe
VirusTotal metadata
First submission 2018-09-11 05:30:24 UTC ( 5 months, 1 week ago )
Last submission 2018-09-11 12:44:08 UTC ( 5 months, 1 week ago )
File names FfU9Sfz23Gc.exe
EoceEqw.dll
38726104.exe
8UuOULw5bxvj.exe
UA7eMF9jBwK.exe
eP4x.exe
GAgwgppwmqEW.exe
Advanced heuristic and reputation engines