SHA256: b44cf52b6918f494ef47cf8ed144e061d8abf69997e923f20f021a159466fa35
File name: 72904.exe
Detection ratio: 11 / 67
Analysis date: 2018-11-06 21:16:15 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
Bkav W32.eHeur.Malware09 20181106
CrowdStrike Falcon (ML) malicious_confidence_60% (W) 20181022
Cylance Unsafe 20181106
Endgame malicious (high confidence) 20180730
Kaspersky UDS:DangerousObject.Multi.Generic 20181106
Microsoft Trojan:Win32/Emotet.AC!bit 20181106
Rising Malware.Heuristic!ET#89% (RDM+:cmRtazptlGIo3AY6irwXxrBfaugI) 20181106
TrendMicro TrojanSpy.Win32.URSNIF.SMKA0.hp 20181106
TrendMicro-HouseCall TrojanSpy.Win32.URSNIF.SMKA0.hp 20181106
Webroot W32.Trojan.Gen 20181106
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20181106
Ad-Aware 20181106
AegisLab 20181106
AhnLab-V3 20181106
Alibaba 20180921
ALYac 20181106
Antiy-AVL 20181106
Arcabit 20181106
Avast 20181106
Avast-Mobile 20181106
AVG 20181106
Avira (no cloud) 20181106
Babable 20180918
Baidu 20181106
BitDefender 20181106
CAT-QuickHeal 20181105
ClamAV 20181106
CMC 20181106
Cybereason 20180225
Cyren 20181106
DrWeb 20181106
eGambit 20181106
Emsisoft 20181106
ESET-NOD32 20181106
F-Prot 20181106
F-Secure 20181106
Fortinet 20181106
GData 20181106
Ikarus 20181106
Sophos ML 20180717
Jiangmin 20181106
K7AntiVirus 20181106
K7GW 20181106
Kingsoft 20181106
Malwarebytes 20181106
MAX 20181106
McAfee 20181106
McAfee-GW-Edition 20181106
eScan 20181106
NANO-Antivirus 20181106
Palo Alto Networks (Known Signatures) 20181106
Panda 20181106
Qihoo-360 20181106
SentinelOne (Static ML) 20181011
Sophos AV 20181106
SUPERAntiSpyware 20181031
Symantec 20181106
Symantec Mobile Insight 20181105
TACHYON 20181106
Tencent 20181106
TheHacker 20181104
TotalDefense 20181106
Trustlook 20181106
VBA32 20181106
ViRobot 20181106
Yandex 20181106
Zillya 20181106
Zoner 20181106
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2002- 2011 ONTRAPORT Catch

Internal name Afraiddepend
File version 0.1.39.56
Description Afraiddepend
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-11-06 10:57:50
Entry Point 0x00018AED
Number of sections 5
PE sections
PE imports
GetTokenInformation
CloseServiceHandle
RegisterServiceCtrlHandlerW
RegCloseKey
OpenProcessToken
SetServiceStatus
FreeSid
RegOpenKeyExW
RegEnumKeyW
InitializeSecurityDescriptor
AdjustTokenPrivileges
ControlService
StartServiceCtrlDispatcherW
LookupPrivilegeValueW
AllocateAndInitializeSid
DeleteService
RegQueryValueExW
CreateServiceW
RegSetValueExW
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
RemoveDirectoryW
GetConsoleCP
GetOEMCP
QueryPerformanceCounter
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
GetModuleHandleW
RtlUnwind
GetLocalTime
IsProcessorFeaturePresent
HeapSetInformation
GetCurrentProcess
EnumSystemLocalesA
GetStartupInfoW
GetCurrentDirectoryW
GetConsoleMode
GetLocaleInfoA
GetCurrentProcessId
WriteConsoleW
GetCommandLineW
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
HeapCompact
GetUserDefaultLCID
HeapWalk
EncodePointer
GetLocaleInfoW
SetStdHandle
RaiseException
InitializeCriticalSection
GetCPInfo
GetModuleFileNameW
TlsFree
SetFilePointer
DeleteCriticalSection
ReadFile
InterlockedExchange
SetUnhandledExceptionFilter
WriteFile
DecodePointer
CloseHandle
GetSystemTimeAsFileTime
IsValidLocale
GetACP
HeapReAlloc
GetStringTypeW
GetProcAddress
HeapAlloc
TerminateProcess
LoadLibraryW
IsValidCodePage
HeapCreate
CreateFileW
FindClose
TlsGetValue
Sleep
GetFileType
TlsSetValue
ExitProcess
GetCurrentThreadId
InterlockedIncrement
SetLastError
LeaveCriticalSection
GetCursorPos
GetAsyncKeyState
CallWindowProcW
GetClassNameW
UpdateWindow
RegisterClassExW
GetMessagePos
FindWindowW
GetWindowTextLengthW
SetFocus
AppendMenuW
GetFocus
EnumChildWindows
ShowWindow
GetWindowTextW
GetDC
GetClassInfoExW
AddPrinterConnectionW
AddPrinterDriverExW
EnumFormsW
EnumPortsW
ReadPrinter
AddMonitorW
GetPrinterDataW
EnumPrintProcessorsW
WritePrinter
DeletePortW
SetFormW
AddJobW
ResetPrinterW
OpenPrinterW
DeletePrinter
GetPrinterDataExW
GetPrinterW
ConfigurePortW
ScheduleJob
EnumPrinterDriversW
DeleteMonitorW
AbortPrinter
EnumPrinterDataW
DeletePrintProcessorW
XcvDataW
ClosePrinter
DeletePrinterConnectionW
SetPortW
EndPagePrinter
SetPrinterDataExW
StartPagePrinter
EnumPrintersW
EnumPrinterDataExW
DeletePrinterDataW
SetJobW
EnumMonitorsW
GetJobW
DeletePrinterKeyW
AddPrintProvidorW
DeletePrinterDriverW
GetFormW
AddPrinterDriverW
EnumJobsW
DeletePrintProvidorW
GetPrinterDriverW
DeletePrinterDataExW
AddPortW
DeleteFormW
EnumPrinterKeyW
PrinterMessageBoxW
DeletePrinterDriverExW
WaitForPrinterChange
FlushPrinter
GetPrintProcessorDirectoryW
GetPrinterDriverDirectoryW
StartDocPrinterW
FindClosePrinterChangeNotification
AddPrintProcessorW
SetPrinterDataW
EnumPrintProcessorDatatypesW
EndDocPrinter
AddPrinterW
AddFormW
OleUninitialize
CoRegisterClassObject
CoInitialize
OleInitialize
CoRegisterSurrogate
OleSetContainedObject
CoUninitialize
Number of PE resources by type
RT_ICON 14
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 17
PE resources
Debug information
ExifTool file metadata
CodeSize
165888

UninitializedDataSize
0

LinkerVersion
10.0

ImageVersion
0.0

FileVersionNumber
0.1.39.56

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
Afraiddepend

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
486912

EntryPoint
0x18aed

MIMEType
application/octet-stream

LegalCopyright
Copyright 2002- 2011 ONTRAPORT Catch

FileVersion
0.1.39.56

TimeStamp
2011:11:06 11:57:50+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Afraiddepend

ProductVersion
0.1.39.56

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ONTRAPORT Catch

LegalTrademarks
Afraiddepend

FileSubtype
0

ProductVersionNumber
0.1.39.56

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 96fbb7bb97cc3f843ec6274a3079f916
SHA1 3bfa5ac1ba8def68989c45d096284b2e4e5c4b72
SHA256 b44cf52b6918f494ef47cf8ed144e061d8abf69997e923f20f021a159466fa35
ssdeep
12288:n+NE6wVHkHw55G2ED9omNBWZ0j0WUV64IyEQmN82Ag5:gu8w7c9xa64BELSg

authentihash bd09b95e3f2ea5c00ef0609be4dc2550395ef21bc36c07f6b4ba8cd259c91c27
imphash 274e1e092324dc5c9f367eec5f8671ec
File size 608.5 KB ( 623104 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-11-06 19:57:04 UTC ( 4 months, 2 weeks ago )
Last submission 2018-11-18 19:11:17 UTC ( 4 months, 1 week ago )
File names 30.exe
23950.exe
4.exe
96fbb7bb97cc3f843ec6274a3079f916
86988.exe
2406.exe
976.exe
94339.exe
915.exe
85.exe
Afraiddepend
47191123.exe
47.exe
2407750.exe
61.exe
008689.exe
830986.exe
1490789.exe
968.exe
1628.exe
72904.exe
5667669.exe
0064323.exe
521201.exe
94.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Moved files
Deleted files
Created processes
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs