SHA256: b93e4b995b136c0d090a5e91c944f76e605083c4b2d08b358e4f38cfaa9abefe
File name: 13533.exe
Detection ratio: 23 / 67
Analysis date: 2018-05-20 18:53:18 UTC ( 9 months ago )
Antivirus Result Update
AegisLab Ml.Attribute.Gen!c 20180520
Avast FileRepMalware 20180520
AVG FileRepMalware 20180520
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180518
Bkav HW32.Packed.1DAE 20180518
Comodo CloudScanner.Trojan.Gen 20180520
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180418
Cylance Unsafe 20180520
eGambit Unsafe.AI_Score_57% 20180520
Endgame malicious (high confidence) 20180507
Fortinet W32/Kryptik.GGRP!tr 20180520
Sophos ML heuristic 20180503
Kaspersky UDS:DangerousObject.Multi.Generic 20180520
MAX malware (ai score=94) 20180520
McAfee Artemis!5AAD5112DB67 20180520
McAfee-GW-Edition BehavesLike.Win32.Virut.ch 20180520
Palo Alto Networks (Known Signatures) generic.ml 20180520
Qihoo-360 HEUR/QVM20.1.4B03.Malware.Gen 20180520
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180520
Symantec ML.Attribute.HighConfidence 20180519
Webroot W32.Trojan.Emotet 20180520
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180520
Ad-Aware 20180520
AhnLab-V3 20180520
Alibaba 20180518
ALYac 20180520
Antiy-AVL 20180520
Arcabit 20180520
Avast-Mobile 20180520
Avira (no cloud) 20180520
AVware 20180520
Babable 20180406
BitDefender 20180520
CAT-QuickHeal 20180520
ClamAV 20180520
CMC 20180520
Cybereason None
Cyren 20180520
DrWeb 20180520
Emsisoft 20180520
ESET-NOD32 20180520
F-Prot 20180520
F-Secure 20180520
GData 20180520
Ikarus 20180520
Jiangmin 20180520
K7AntiVirus 20180520
K7GW 20180520
Kingsoft 20180520
Malwarebytes 20180520
Microsoft 20180520
eScan 20180520
NANO-Antivirus 20180520
nProtect 20180520
Panda 20180520
Rising 20180520
SUPERAntiSpyware 20180520
Symantec Mobile Insight 20180518
Tencent 20180520
TheHacker 20180516
TotalDefense 20180520
TrendMicro 20180520
TrendMicro-HouseCall 20180520
Trustlook 20180520
VBA32 20180518
VIPRE 20180520
ViRobot 20180520
Yandex 20180518
Zillya 20180519
Zoner 20180519
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-05-20 16:50:32
Entry Point 0x00001356
Number of sections 8
PE sections
PE imports
RegOpenCurrentUser
JetCloseDatabase
GetTextColor
UpdateColors
GetProcessId
EnumResourceTypesA
GetCurrentProcess
ApplicationRecoveryFinished
GetUserDefaultUILanguage
GetSystemDefaultLocaleName
GetConsoleCursorInfo
GetTickCount64
FlsGetValue
GetDynamicTimeZoneInformation
GetVersion
SetThreadIdealProcessor
GetAsyncKeyState
GetParent
TrackPopupMenu
SetClipboardData
RegisterHotKey
IsDlgButtonChecked
GetRawInputBuffer
SetScrollPos
GetClipboardSequenceNumber
GetClipCursor
CryptCATPutMemberInfo
qsort
isxdigit
Number of PE resources by type
RT_STRING 3
Number of PE resources by language
NEUTRAL 3
PE resources
Debug information
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 2018:05:20 18:50:32+02:00
FileType Win32 EXE
PEType PE32
CodeSize 14848
LinkerVersion 12.1
ImageFileCharacteristics Executable, 32-bit
EntryPoint 0x1356
InitializedDataSize 139776
SubsystemVersion 5.0
ImageVersion 0.0
OSVersion 5.0
UninitializedDataSize 0

File identification
MD5 5aad5112db6799b01765d929f6f0ff4d
SHA1 e27f1fcf67147356f8cbd80d42ff0d298fbb4e7e
SHA256 b93e4b995b136c0d090a5e91c944f76e605083c4b2d08b358e4f38cfaa9abefe
ssdeep 3072:+MlV6SbE0hm3lT0aJa/4K7oA3EJnHvNweEfJZJLQDlrZKj:+Gc0hul0/l7oGqlQ3QD+
authentihash f739f6a7b02d970cbebecd80302fa3f23536fd23c217009ece27b8aed2e65b34
imphash 8e4b1fb29159c75f07cd6fad41dd94a2
File size 148.0 KB ( 151552 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe

VirusTotal metadata
First submission 2018-05-20 17:08:33 UTC ( 9 months ago )
Last submission 2018-06-28 08:21:25 UTC ( 7 months, 3 weeks ago )
File names output.113438273.txt
51656.exe
aa
77602.exe
2434.exe
13533.exe
1039.exe
2480.exe
75369.exe