× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b02fc828ea2f1d39cbc225abdcf759d970d67a3518dfcd5026a2f98c82c48166
File name: b02fc828ea2f1d39cbc225abdcf759d970d67a3518dfcd5026a2f98c82c48166
Detection ratio: 16 / 70
Analysis date: 2018-11-29 08:50:17 UTC ( 2 months, 3 weeks ago ) View latest
Antivirus Result Update
CAT-QuickHeal Trojan.Emotet.X4 20181129
ClamAV Win.Trojan.Emotet-6748801-0 20181129
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20181022
Cybereason malicious.6124bf 20180225
Cylance Unsafe 20181129
Emsisoft Trojan.Emotet (A) 20181129
Endgame malicious (high confidence) 20181108
Fortinet W32/Kryptik.GNFC!tr 20181129
Sophos ML heuristic 20181128
Microsoft Program:Win32/Unwaders.C!ml 20181129
Qihoo-360 HEUR/QVM20.1.8689.Malware.Gen 20181129
Rising Malware.Heuristic!ET#100% (RDM+:cmRtazp+rov8Jpk8mrFCSh8D+c1K) 20181129
SentinelOne (Static ML) static engine - malicious 20181011
Symantec ML.Attribute.HighConfidence 20181129
Trapmine malicious.high.ml.score 20181126
Webroot W32.Trojan.Emotet 20181129
Ad-Aware 20181129
AegisLab 20181129
AhnLab-V3 20181129
Alibaba 20180921
ALYac 20181129
Antiy-AVL 20181128
Arcabit 20181129
Avast 20181129
Avast-Mobile 20181129
AVG 20181129
Avira (no cloud) 20181129
Babable 20180918
Baidu 20181129
BitDefender 20181129
Bkav 20181128
CMC 20181128
Comodo 20181129
Cyren 20181129
DrWeb 20181129
eGambit 20181129
ESET-NOD32 20181129
F-Prot 20181129
F-Secure 20181129
GData 20181129
Ikarus 20181128
Jiangmin 20181129
K7AntiVirus 20181129
K7GW 20181129
Kaspersky 20181129
Kingsoft 20181129
Malwarebytes 20181129
MAX 20181129
McAfee 20181129
McAfee-GW-Edition 20181129
eScan 20181129
NANO-Antivirus 20181129
Palo Alto Networks (Known Signatures) 20181129
Panda 20181128
Sophos AV 20181129
SUPERAntiSpyware 20181128
Symantec Mobile Insight 20181121
TACHYON 20181129
Tencent 20181129
TheHacker 20181126
TotalDefense 20181129
TrendMicro 20181129
TrendMicro-HouseCall 20181129
Trustlook 20181129
VBA32 20181129
VIPRE 20181129
ViRobot 20181129
Yandex 20181128
Zillya 20181128
ZoneAlarm by Check Point 20181129
Zoner 20181129
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
© Microsoft Corporation

Product Microsoft®
Internal name securit
File version 3.00.
Description V
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-11-29 08:46:22
Entry Point 0x000634C0
Number of sections 5
PE sections
PE imports
GetNamedPipeClientProcessId
GetModuleHandleA
GetTimeZoneInformation
LZSeek
DdeConnect
timeGetTime
CryptCATOpen
CoInvalidateRemoteMachineBindings
Number of PE resources by type
RT_STRING 5
RT_RCDATA 1
RT_VERSION 1
Number of PE resources by language
NEUTRAL 6
ENGLISH US 1
PE resources
ExifTool file metadata
SpecialBuild
[pre-release version: pre-alpha]

SubsystemVersion
5.0

LinkerVersion
12.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
8.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
V

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Windows, Latin1

InitializedDataSize
32768

EntryPoint
0x634c0

MIMEType
application/octet-stream

LegalCopyright
Microsoft Corporation

FileVersion
3.00.

TimeStamp
2018:11:29 09:46:22+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
securit

UninitializedDataSize
0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
S Corpora

CodeSize
409600

ProductName
Microsoft

ProductVersionNumber
0.0.0.0

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 690fdb36124bf1a54071f3cd239a3623
SHA1 6b3ef4faf440909f497e2976ca0823fa2d99a26e
SHA256 b02fc828ea2f1d39cbc225abdcf759d970d67a3518dfcd5026a2f98c82c48166
ssdeep
3072:1KA5CLzXczrTWjCJI/1bP/HPAB+mvJOE3Q:1KA5bzrT7JIdzHYBI

authentihash b80e4b52f0e85dfcd938e0e1ecd9f0ebe095d240bb1da577ee38d2b68678266a
imphash cd90090dffdfe64174c14e57375b5dee
File size 428.0 KB ( 438272 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (34.2%)
Win32 Executable (generic) (23.4%)
Win16/32 Executable Delphi generic (10.7%)
OS/2 Executable (generic) (10.5%)
Generic Win/DOS Executable (10.4%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-29 08:50:17 UTC ( 2 months, 3 weeks ago )
Last submission 2018-11-30 01:51:16 UTC ( 2 months, 3 weeks ago )
File names securit
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!