× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b895cb66027c2b968bd40eb7ad65581ae0499592ab1cb65e7df4a6376f35d300
File name: 46Jd2PK81TGvt.exe
Detection ratio: 44 / 68
Analysis date: 2018-11-06 08:07:11 UTC ( 3 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.418350 20181106
AegisLab Trojan.Win32.Emotet.4!c 20181106
AhnLab-V3 Malware/Win32.Generic.C2800665 20181106
ALYac Gen:Variant.Razy.418350 20181106
Antiy-AVL Trojan/Win32.Fuerboos 20181106
Arcabit Trojan.Razy.D6622E 20181106
Avast Win32:BankerX-gen [Trj] 20181106
AVG Win32:BankerX-gen [Trj] 20181106
BitDefender Gen:Variant.Razy.418350 20181106
Bkav HW32.Packed. 20181102
CAT-QuickHeal Trojan.IGENERIC 20181105
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.50765d 20180225
Cylance Unsafe 20181106
Cyren W32/Trojan.JKQT-0183 20181106
Emsisoft Gen:Variant.Razy.418350 (B) 20181106
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.GMEC 20181106
F-Secure Gen:Variant.Razy.418350 20181106
Fortinet W32/Kryptik.GMEC!tr 20181106
GData Gen:Variant.Razy.418350 20181106
Ikarus Trojan.Win32.Crypt 20181105
Sophos ML heuristic 20180717
K7AntiVirus Riskware ( 0040eff71 ) 20181105
K7GW Riskware ( 0040eff71 ) 20181106
Kaspersky Trojan-Banker.Win32.Emotet.blkz 20181106
Malwarebytes Trojan.Emotet 20181106
MAX malware (ai score=100) 20181106
McAfee RDN/Generic.grp 20181106
McAfee-GW-Edition BehavesLike.Win32.Emotet.cc 20181106
Microsoft Trojan:Win32/Emotet.AC!bit 20181106
eScan Gen:Variant.Razy.418350 20181106
Palo Alto Networks (Known Signatures) generic.ml 20181106
Panda Trj/CI.A 20181105
Qihoo-360 Win32/Trojan.a94 20181106
Rising Trojan.Fuerboos!8.EFC8 (CLOUD) 20181106
SentinelOne (Static ML) static engine - malicious 20181011
Sophos AV Mal/EncPk-ANY 20181106
Symantec Trojan.Emotet 20181106
TrendMicro TROJ_GEN.R062C0CK418 20181106
TrendMicro-HouseCall TROJ_GEN.R062C0CK418 20181106
ViRobot Trojan.Win32.Z.Razy.131072.NX 20181106
Webroot W32.Trojan.Emotet 20181106
ZoneAlarm by Check Point Trojan-Banker.Win32.Emotet.blkz 20181106
Alibaba 20180921
Avast-Mobile 20181106
Avira (no cloud) 20181106
Babable 20180918
Baidu 20181106
ClamAV 20181106
CMC 20181106
DrWeb 20181106
eGambit 20181106
F-Prot 20181106
Jiangmin 20181106
Kingsoft 20181106
NANO-Antivirus 20181106
SUPERAntiSpyware 20181031
Symantec Mobile Insight 20181105
TACHYON 20181106
Tencent 20181106
TheHacker 20181104
TotalDefense 20181106
Trustlook 20181106
VBA32 20181106
VIPRE 20181106
Yandex 20181102
Zillya 20181105
Zoner 20181106
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 1993-2002 ABBYY (BIT Software).

Product FineReader
Original name Engine.dll
Internal name Engine
File version 5.0.0.482
Description FineReader Engine
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-07-27 17:30:04
Entry Point 0x000032E0
Number of sections 6
PE sections
PE imports
InitializeCriticalSectionAndSpinCount
SetFileCompletionNotificationModes
WideCharToMultiByte
GetProcessShutdownParameters
HeapUnlock
GetCommandLineW
GetFileType
LockFile
GetConsoleHistoryInfo
CloseHandle
SafeArrayCopy
TrackPopupMenu
GetMenu
GetQueueStatus
IsGUIThread
EnableScrollBar
GetWindowContextHelpId
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
ENGLISH US 1
PE resources
Debug information
ExifTool file metadata
CodeSize
12288

SubsystemVersion
5.0

LinkerVersion
12.0

ImageVersion
0.1

FileSubtype
0

FileVersionNumber
5.0.0.482

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

FileDescription
FineReader Engine

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
147456

EntryPoint
0x32e0

OriginalFileName
Engine.dll

MIMEType
application/octet-stream

LegalCopyright
Copyright 1993-2002 ABBYY (BIT Software).

FileVersion
5.0.0.482

TimeStamp
2013:07:27 19:30:04+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Engine

ProductVersion
5.0.0.482

UninitializedDataSize
0

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ABBYY (BIT Software)

LegalTrademarks
FineReader is the trademark of ABBYY (BIT Software)

ProductName
FineReader

ProductVersionNumber
5.0.0.482

FileTypeExtension
exe

ObjectFileType
Dynamic link library

File identification
MD5 1db013650765dc2206fab699bc3bb24e
SHA1 0fa047f90b191a420704f8a180aa4c7cff3ad8fa
SHA256 b895cb66027c2b968bd40eb7ad65581ae0499592ab1cb65e7df4a6376f35d300
ssdeep
3072:gkH8FspJ9RRRRRanntRRRRrpQRRSRRRRlRRKRR+QidVbhJGs0fOI56QZ8yPMbkP:gkH2spJ9RRRRRantRRRRrpQRRSRRRRlO

authentihash 401f23568919cd4728efe7b503d85c5d864ee787ea7c3b7b3a0ed1c90fa4df05
imphash 1192b02aa7214d95bfe66139f79c6de3
File size 128.0 KB ( 131072 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-10-30 15:19:33 UTC ( 3 months, 3 weeks ago )
Last submission 2018-10-30 15:19:33 UTC ( 3 months, 3 weeks ago )
File names Engine
Engine.dll
46Jd2PK81TGvt.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!