SHA256: b9a0dc9c1a2c4ad1edeacae803107495f4ebd845243c6719754e25daca0d7a82
File name: d8c6f5d7d60a8c10fe1773c50d426079
Detection ratio: 27 / 66
Analysis date: 2018-03-25 19:19:39 UTC ( 8 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.Emotet.O 20180325
AhnLab-V3 Trojan/Win64.Dridex.C2161073 20180325
ALYac Trojan.Emotet.O 20180325
Arcabit Trojan.Emotet.O 20180325
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180323
BitDefender Trojan.Emotet.O 20180325
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170201
Cylance Unsafe 20180325
DrWeb Trojan.PackedENT.61 20180325
Emsisoft Trojan.Emotet.O (B) 20180325
Endgame malicious (high confidence) 20180316
ESET-NOD32 a variant of Win64/Kryptik.BGX 20180325
F-Secure Trojan.Emotet.O 20180325
Fortinet W64/Kryptik.BGY!tr 20180325
GData Win64.Trojan.Kryptik.IL 20180325
Ikarus Trojan.Win64.Crypt 20180325
Sophos ML heuristic 20180121
Kaspersky HEUR:Trojan.Win32.Generic 20180325
Malwarebytes Trojan.Dridex 20180325
MAX malware (ai score=85) 20180325
McAfee Drixed-FGW!D8C6F5D7D60A 20180325
McAfee-GW-Edition BehavesLike.Win64.Expiro.gc 20180325
Microsoft Backdoor:Win64/Drixed.Q 20180325
eScan Trojan.Emotet.O 20180325
Rising Trojan.Win64/Kryptik!1.AE80 (CLASSIC) 20180325
SentinelOne (Static ML) static engine - malicious 20180225
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180325
AegisLab 20180325
Alibaba 20180323
Antiy-AVL 20180325
Avast 20180325
Avast-Mobile 20180325
AVG 20180325
Avira (no cloud) 20180325
AVware 20180325
Bkav 20180325
CAT-QuickHeal 20180325
ClamAV 20180325
CMC 20180325
Comodo 20180325
Cybereason None
Cyren 20180325
eGambit 20180325
F-Prot 20180325
Jiangmin 20180325
K7AntiVirus 20180325
K7GW 20180325
Kingsoft 20180325
NANO-Antivirus 20180325
nProtect 20180325
Palo Alto Networks (Known Signatures) 20180325
Panda 20180325
Qihoo-360 20180325
Sophos AV 20180325
SUPERAntiSpyware 20180325
Symantec 20180324
Symantec Mobile Insight 20180311
Tencent 20180325
TheHacker 20180319
TotalDefense 20180325
TrendMicro 20180325
TrendMicro-HouseCall 20180325
Trustlook 20180325
VBA32 20180323
VIPRE 20180325
ViRobot 20180325
WhiteArmor 20180324
Yandex 20180324
Zillya 20180323
Zoner 20180325
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem that targets 64bit architectures.
FileVersionInfo properties
Copyright © Saqec Corporation. All rights reserved.
Product Saqec ® ccdcxe® Operating System
Original name kbdbhc.dll
Internal name Saqec (3.13)
File version 6.1.7600.16385 (win7_rtm.090713-1255)
Description Saqec (Cyrillic) Keyboard Layout
PE header basic information
Target machine x64
Compilation timestamp 2017-09-18 05:13:14
Entry Point 0x000015C0
Number of sections 10
PE sections
PE imports
GetModuleHandleW
GetClipboardSequenceNumber
fgetws
isalnum
Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
NEUTRAL 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
InitializedDataSize 491520
ImageVersion 0.0
ProductName Saqec ccdcxe Operating System
FileVersionNumber 6.1.7600.16385
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Saqec (Cyrillic) Keyboard Layout
CharacterSet Unicode
LinkerVersion 16.0
FileTypeExtension dll
OriginalFileName kbdbhc.dll
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 6.1.7600.16385 (win7_rtm.090713-1255)
TimeStamp 2017:09:18 06:13:14+01:00
FileType Win64 DLL
PEType PE32+
InternalName Saqec (3.13)
ProductVersion 6.1.7600.16385
SubsystemVersion 5.2
OSVersion 4.0
FileOS Windows NT 32-bit
LegalCopyright Saqec Corporation. All rights reserved.
MachineType AMD AMD64
CompanyName Saqec Corporation
CodeSize 16384
FileSubtype 0
ProductVersionNumber 6.1.7600.16385
EntryPoint 0x15c0
ObjectFileType Dynamic link library

File identification
MD5 d8c6f5d7d60a8c10fe1773c50d426079
SHA1 142ef1d255c27f35b34b860493cca9f479fde0d8
SHA256 b9a0dc9c1a2c4ad1edeacae803107495f4ebd845243c6719754e25daca0d7a82
ssdeep 12288:drSFu6oFLCZtY8ablD7MAzy5yodMWsch+Vlm:dScgZy8abl0AzYtiXcoVl
authentihash 2bffa62f63890fb55da76d13964626d32bb1ba73e1fcf956986cfc6a8517232f
imphash 7358cc22a35401d9cbc3ef5c16309adc
File size 456.0 KB ( 466944 bytes )
File type Win32 DLL
Magic literal PE32+ executable for MS Windows (DLL) (GUI) Mono/.Net assembly
TrID OS/2 Executable (generic) (33.6%)
Generic Win/DOS Executable (33.1%)
DOS Executable Generic (33.1%)
Tags 64bits assembly pedll

VirusTotal metadata
First submission 2018-03-25 19:19:39 UTC ( 8 months, 3 weeks ago )
Last submission 2018-03-25 19:19:39 UTC ( 8 months, 3 weeks ago )
File names kbdbhc.dll
Saqec (3.13)
d8c6f5d7d60a8c10fe1773c50d426079